From owner-freebsd-questions@FreeBSD.ORG Fri Oct 17 06:01:18 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1AA9816A4B3 for ; Fri, 17 Oct 2003 06:01:18 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (ns0.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 158DA43F93 for ; Fri, 17 Oct 2003 06:01:16 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) h9HD0bHR002663 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 17 Oct 2003 14:01:09 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)id h9HD0aU1002662; Fri, 17 Oct 2003 14:00:36 +0100 (BST) (envelope-from matthew) Date: Fri, 17 Oct 2003 14:00:36 +0100 From: Matthew Seaman To: Antoine Jacoutot Message-ID: <20031017130036.GA2337@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , Antoine Jacoutot , Kris Kennaway , freebsd-questions@freebsd.org References: <3F8F9E9C.1070909@lphp.org> <20031017084758.GB3259@rot13.obsecurity.org> <3F8FD0DD.3040404@lphp.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="qDbXVdCdHGoSgWSk" Content-Disposition: inline In-Reply-To: <3F8FD0DD.3040404@lphp.org> User-Agent: Mutt/1.5.4i X-Spam-Status: No, hits=-4.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.60 X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on happy-idiot-talk.infracaninophile.co.uk cc: freebsd-questions@freebsd.org cc: Kris Kennaway Subject: Re: ports security updates branch X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Oct 2003 13:01:18 -0000 --qDbXVdCdHGoSgWSk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Oct 17, 2003 at 01:22:05PM +0200, Antoine Jacoutot wrote: > Kris Kennaway wrote: > >>The reason I'm asking this is that I don't want to update my ports=20 > >>everytime a new version comes out... except if it has a security issue. > > > > > >FreeBSD doesn't provide this. Since our ports collection is about 5 > >times the size of OpenBSD's it's too much work. >=20 > Oh I know that :) > Ok, I can totally understand why it does not exist then. > However, is there a way to know if one of my installed packages has a=20 > security alert ? I guess not... but we never know... Subscribe to freebsd-security@... -- FreeBSD security notices cover problems with ported applications, as do security alerts when the software in question appears in both ports and the base system. Security notices tend to come out fairly infrequently and gather together notices about several different problems. Other ways of finding out about potential problems are to subscribe to such mailing lists as Bugtraq (see http://www.securityfocus.com/) and development mailing lists for individual software packages. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --qDbXVdCdHGoSgWSk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/j+f0dtESqEQa7a0RAkH4AJ9/sOZoZ1vAwjKbzmTSVOmCeOd57QCaA9eR doY23rsP6yWpQLMdS25fMrc= =4KPu -----END PGP SIGNATURE----- --qDbXVdCdHGoSgWSk--