From owner-freebsd-stable@FreeBSD.ORG  Wed Dec 22 00:55:05 2004
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B9E3216A4CF
	for <stable@freebsd.org>; Wed, 22 Dec 2004 00:55:05 +0000 (GMT)
Received: from msr65.hinet.net (msr65.hinet.net [168.95.4.165])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0C9DC43D3F
	for <stable@freebsd.org>; Wed, 22 Dec 2004 00:55:05 +0000 (GMT)
	(envelope-from distro.watch@msa.hinet.net)
Received: from [192.168.0.128] (61-229-2-147.dynamic.hinet.net [61.229.2.147])
	by msr65.hinet.net (8.9.3/8.9.3) with ESMTP id IAA22231
	for <stable@freebsd.org>; Wed, 22 Dec 2004 08:55:03 +0800 (CST)
From: Ladislav Bodnar <distro.watch@msa.hinet.net>
Organization: DistroWatch.com
To: stable@freebsd.org
Date: Wed, 22 Dec 2004 08:55:07 +0800
User-Agent: KMail/1.7.1
MIME-Version: 1.0
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200412220855.07654.distro.watch@msa.hinet.net>
Subject: PHP vulnerability and portupgrade
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Production branch of FreeBSD source code
	<freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Dec 2004 00:55:05 -0000

Hello,

Due to the recently discovered vulnerability in PHP versions older than 
4.3.10 and 5.0.3, I decided to take a look at portupgrade to see if it is a 
good way to keep the ports collection up-to-date with respect to security 
issues. I ran cvsup on the security branch (tag=RELENG_5_3), then portsdb 
-Uu. However, portupgrade didn't find any ports that needed an upgrade.

Am I doing something wrong or is portupgrade not the best tool to keep up 
with security advisories in ports?

Thank you for your help :-)