From owner-freebsd-security Wed Mar 13 7: 1:30 2002 Delivered-To: freebsd-security@freebsd.org Received: from proxy.centtech.com (moat.centtech.com [206.196.95.10]) by hub.freebsd.org (Postfix) with ESMTP id 27B9437B41A for ; Wed, 13 Mar 2002 07:00:57 -0800 (PST) Received: from sprint.centtech.com (sprint.centtech.com [10.177.173.31]) by proxy.centtech.com (8.11.6/8.11.6) with ESMTP id g2DF0pK04988; Wed, 13 Mar 2002 09:00:51 -0600 (CST) Received: from centtech.com (proton [10.177.173.77]) by sprint.centtech.com (8.9.3+Sun/8.9.3) with ESMTP id JAA23605; Wed, 13 Mar 2002 09:00:50 -0600 (CST) Message-ID: <3C8F6984.F90D02C@centtech.com> Date: Wed, 13 Mar 2002 09:00:20 -0600 From: Eric Anderson Reply-To: anderson@centtech.com Organization: Centaur Technology X-Mailer: Mozilla 4.79 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Andrew McNaughton Cc: batz , Christopher Schulte , lewwid , freebsd-security@freebsd.org, Max Mouse Subject: Re: Managing port security upgrades (was:Re: PHP 4.1.2) References: <20020313194713.A3633-100000@a2> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Andrew McNaughton wrote: > > On Tue, 12 Mar 2002, batz wrote: > > Has anyone else done anything especially different for managing security > > specific patches? > > Rather than looking at separate distribution of ports, why not look at a > protocol for providing a list of versions of ports which are insecure. > This could be added into the daily security check. No remedy to problems > found, just notification. Something similar to the version checking > available through periodic at present except that it would only cover > security issues. > > Andrew McNaughton That would be pretty handy - as long as you could tell it "only look at installed ports" or "look at all ports", and other things like a way to tell it to exclude certain ports from checking. Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology If at first you don't succeed, sky diving is probably not for you. ------------------------------------------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message