From owner-freebsd-security@FreeBSD.ORG Wed Mar 3 20:27:32 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B69EE16A4CE for ; Wed, 3 Mar 2004 20:27:32 -0800 (PST) Received: from p4.ecoms.com (ns1.ecoms.com [207.44.130.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8135B43D1F for ; Wed, 3 Mar 2004 20:27:32 -0800 (PST) (envelope-from michael@roq.com) Received: from roq.com (CPE-203-51-130-228.vic.bigpond.net.au [203.51.130.228]) by p4.ecoms.com (Postfix) with ESMTP id A1C462681A3 for ; Thu, 4 Mar 2004 00:57:59 -0600 (CST) Message-ID: <4046B025.5010603@roq.com> Date: Thu, 04 Mar 2004 15:27:17 +1100 From: Michael Vince User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6) Gecko/20040213 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-security@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: FreeBSD source auto patcher script X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Mar 2004 04:27:32 -0000 Hi all I thought I would let you people know of a script that I coded that facilitates security patch updating on FreeBSD. When I wrote it I decided to called it Quickpatch for some reason even though because its source based its not necessarily the least bit quick at all :) I had kept it for my self for a while but I was recently provoked to release it as it could do greater good being out there on the net, because its in Perl its quite hackable for custom needs. http://www.roq.com/projects/quickpatch/ It has the ability to do a range of different update tasks. These features include the ability to easily verify (using PGP) any and all advisories, easy setup and use of CVSUP for source and ports tree updates. Ability to extract all the useful data out of the official FreeBSD security advisories, such as necessary patch commands, security advisory topic, exact hours since the patch was made/released, then can create ready to run patch files or display/email a full report of that information. Also, it can optionally apply the patch files with no attendance. Because its highly cronable you can schedule in a 'patch mode' kernel recompile and reboot at early morning hours to minimize down time inconvenience to others.