From owner-freebsd-security  Tue Mar 12 15: 3:13 2002
Delivered-To: freebsd-security@freebsd.org
Received: from vapour.net (vapour.net [198.96.117.180])
	by hub.freebsd.org (Postfix) with ESMTP id 9E83937B420
	for <freebsd-security@FreeBSD.ORG>; Tue, 12 Mar 2002 15:02:33 -0800 (PST)
Received: from vapour.net (vapour.net [198.96.117.180])
	by vapour.net (8.11.6/8.11.6) with ESMTP id g2CMtCb18515;
	Tue, 12 Mar 2002 17:55:14 -0500 (EST)
	(envelope-from batsy@vapour.net)
Date: Tue, 12 Mar 2002 17:55:04 -0500 (EST)
From: batz <batsy@vapour.net>
To: Christopher Schulte <schulte+freebsd@nospam.schulte.org>
Cc: lewwid <lewwid@telusplanet.net>, freebsd-security@FreeBSD.ORG,
	Max Mouse <maxmouse@maxmouse.org>
Subject: Managing port security upgrades (was:Re: PHP 4.1.2) 
In-Reply-To: <5.1.0.14.0.20020312161930.057a9240@pop3s.schulte.org>
Message-ID: <Pine.BSF.4.21.0203121730170.5001-100000@vapour.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Tue, 12 Mar 2002, Christopher Schulte wrote:

:The ports live on their own cvs island, there is no RELENG_ANYTHING 
:associated with them.  The combined tree is maintained separately from the 
:source code of the actual Operating System and bundled applications.

I had thought this, but it seemed your answers only came 
in the form of corrections, so I thought I would try to get 
an answer by postulating the opposite. 

:Just cvsup your ports tree daily, you'll pick up the new ports as the 
:maintainers fix/add them.  You can then opt to reinstall ports already in 
:use on your system.  If it's a new port install, you'll get the newest and 
:greatest automatically.  /usr/ports/sysutils/portupgrade is great for 
:keeping track of this kind of thing.

:I hope that sheds some light.
:
:Followups might be appropriate to -questions...

I'm not sure a discussion about streamlining the application of 
security patches is as relevant to -questions.  

Back to my original post, about whether cvs would be a useful way to 
manage security specific information, so that people who just wanted to 
fix open vulnerabilities could do so in a way that did not involve 
sucking down most of the ports tree if they had not upgraded it in a while. 

Has anyone else done anything especially different for managing security 
specific patches?

Thankyou for your time Christopher, 



--
batz


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message