Date: Tue, 11 Aug 2020 14:36:14 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: Oleksandr Kryvulia <shuriku@shurik.kiev.ua>, freebsd-security@freebsd.org Subject: Re: A question about Security Advisories Message-ID: <08936836-2303-5bf4-f8a0-873b6dc830b8@grosbein.net> In-Reply-To: <49a1d50c-34d1-239f-1d52-1ebba6799d62@shurik.kiev.ua> References: <49a1d50c-34d1-239f-1d52-1ebba6799d62@shurik.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
11.08.2020 14:21, Oleksandr Kryvulia wrote: > > Hi, > Last years all Security Advisories regarding base system in the "update your vulnerable system via a source code patch " section recommends to rebuild a whole world instead of an affected part of a base system. This is in a most cases an overhead. > > For example 9 years old SA-11:04 [1] offers: > > b) Execute the following commands as root: > > # cd /usr/src > # patch < /path/to/patch > # cd /usr/src/usr.bin/compress > # make obj && make depend && make && make install > # cd /usr/src/usr.bin/gzip > # make obj && make depend && make && make install > > What is a reason we stop to do it? I understand that the preferred way now is a binary upgrade. > Thank you. Also binary upgrade is not an option for STABLE users.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?08936836-2303-5bf4-f8a0-873b6dc830b8>