Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 23 Dec 2005 10:11:56 +1030
From:      Ian Moore <no-spam@swiftdsl.com.au>
To:        freebsd-questions@freebsd.org
Cc:        rihad <rihad@mail.ru>
Subject:   Re: ports security branch
Message-ID:  <200512231012.05320.no-spam@swiftdsl.com.au>
In-Reply-To: <43A7A39D.7000305@mail.ru>
References:  <43A7A39D.7000305@mail.ru>

next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart2416466.esUNh859vs
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

On Tuesday 20 December 2005 16:54, rihad wrote:
> Is there a security branch for the FreeBSD ports collection?=20
No, there isn't.

> Let's say,=20
> I installed FreeBSD 6.0 together with all needed -RELEASE ports/packages
> (i.e., those on the CD). Running security/portaudit after a while
> reveals that some of the installed packages have vulnerabilities. Am I
> on my own to go grab the fresh ports tree, and upgrade the affected
> software, suffering all the intricacies of the move by myself?=20

CVSUP & Portupgrade or portupdate makes this process very simple, they mana=
ge=20
all the intricacies for you. Check out Dru Lavigne's article on protupgrade=
=20
for a simple portupgrade how-to:
http://www.onlamp.com/pub/a/bsd/2003/08/28/FreeBSD_Basics.html
I update my ports with it all the time and rarely have problems.=20

If you only want to track security vulnerabilities, just portupgrade the po=
rts=20
that have vulnerabilities - that would be roughly equivalent to tracking a=
=20
security branch.

> Debian=20
> GNU/Linux has its security package updates, OpenBSD has a separately
> maintained "errata" ports branch (it's very likely you still get to
> download a newer release of the software, though).
>
> Sorry if this is a bit OT. I've already asked this on freebsd-questions@
> but they told me there's no such thing at all.

Cheers,
=2D-=20
Ian
gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc

--nextPart2416466.esUNh859vs
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQBDqznNPUlnmbKkJ6ARAt1IAJ98kErsNP/LAh4TNrIEH/iYPtp5PgCbBN2h
UlQRhP0Yacf1ZopMC5CA4Aw=
=grg+
-----END PGP SIGNATURE-----

--nextPart2416466.esUNh859vs--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200512231012.05320.no-spam>