From owner-freebsd-questions@FreeBSD.ORG  Mon Feb 16 23:22:33 2015
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 284116CC
 for <freebsd-questions@freebsd.org>; Mon, 16 Feb 2015 23:22:33 +0000 (UTC)
Received: from plane.gmane.org (plane.gmane.org [80.91.229.3])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id D3F39173
 for <freebsd-questions@freebsd.org>; Mon, 16 Feb 2015 23:22:32 +0000 (UTC)
Received: from list by plane.gmane.org with local (Exim 4.69)
 (envelope-from <freebsd-questions@m.gmane.org>) id 1YNUzk-0000S8-Fz
 for freebsd-questions@freebsd.org; Tue, 17 Feb 2015 00:22:29 +0100
Received: from 63-245-179-205.ip.mtelco.net ([63-245-179-205.ip.mtelco.net])
 by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
 id 1AlnuQ-0007hv-00
 for <freebsd-questions@freebsd.org>; Tue, 17 Feb 2015 00:22:28 +0100
Received: from jgoerzen by 63-245-179-205.ip.mtelco.net with local (Gmexim 0.1
 (Debian)) id 1AlnuQ-0007hv-00
 for <freebsd-questions@freebsd.org>; Tue, 17 Feb 2015 00:22:28 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-questions@freebsd.org
From: John Goerzen <jgoerzen@complete.org>
Subject: Re: pkg audit finds updates, but pkg upgrade doesn't
Date: Mon, 16 Feb 2015 23:22:21 +0000 (UTC)
Lines: 29
Message-ID: <loom.20150217T002048-206@post.gmane.org>
References: <loom.20150216T230822-352@post.gmane.org>
 <20150216224753.73143297@curlew.lan>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: sea.gmane.org
User-Agent: Loom/3.14 (http://gmane.org/)
X-Loom-IP: 63.245.179.205 (Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.4.0)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Feb 2015 23:22:33 -0000

Mike Clarke <jmc-freebsd2 <at> milibyte.co.uk> writes:

> 
> xorg-server was modified on Thursday Feb 12th at 19:58:41 to fix this
> vulnerability
>
<https://svnweb.freebsd.org/ports/head/x11-servers/xorg-server/Makefile?view=log>
> .
> The latest package builds started on Wednesday 11th
> <http://beefy2.isc.freebsd.org/#latest_builds> and
> <http://beefy1.isc.freebsd.org/#latest_builds>. It looks like they all
> used snapshots from before the new version was available except for
> 84i386-default and 84amd64-default. The next package build should start
> in a couple of days time on Wednesday 18th.
> 

Ah, ok, so packages are built once a week then?  What do people do when they
want their security updates faster, if they were using packages instead of
ports primarily?  I suppose one could install the port, but then wouldn't
that typically pull in a lot of development dependencies that might not
otherwise have been needed on a system?

In my particular case, I do have /usr/ports installed but didn't use it for
this.  I'm not super-worried about this particular issue, but in general,
what's the right way to proceed?

Thanks,

John