Date: Wed, 22 Dec 2004 12:13:51 +0900 (JST) From: Yoshiaki Kasahara <kasahara@nc.kyushu-u.ac.jp> To: distro.watch@msa.hinet.net Cc: stable@freebsd.org Subject: Re: PHP vulnerability and portupgrade Message-ID: <20041222.121351.52176614.kasahara@nc.kyushu-u.ac.jp> In-Reply-To: <200412220952.01107.distro.watch@msa.hinet.net> References: <200412220106.iBM16JlF080958@drugs.dv.isc.org> <200412220952.01107.distro.watch@msa.hinet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 22 Dec 2004 09:52:01 +0800, Ladislav Bodnar <distro.watch@msa.hinet.net> said: > Thanks a lot for your reply. If I understand things correctly, I need to > maintain two cvsup files - one that tracks security issues in the base > FreeBSD 5.3 system (tag=RELENG_5_3, src-all) and one for the ports > collection (tag=. , ports-all). Then every time I receive a FreeBSD > security advisory I run cvsup on the former, and every time portaudit tells > me about a new security issue in the ports collection, I run cvsup on the > latter, then use portupgrade to upgrade vulnerable ports. > > Is this correct? To do it easier, you can set some variables in /etc/make.conf as follows: SUP_UPDATE= yes SUP= /usr/local/bin/cvsup SUPFLAGS= -g -L 2 SUPHOST= cvsup.jp.FreeBSD.org (<- change as you like) SUPFILE= /usr/share/examples/cvsup/stable-supfile PORTSSUPFILE= /usr/share/examples/cvsup/ports-supfile Then type 'make update' in /usr/src. Your source tree will be updated using stable-supfile, and your ports tree will be updated using ports-supfile. Maybe you need to edit stable-supfile to retrieve RELENG_5_3. See /usr/share/examples/etc/make.conf and /usr/share/examples/cvsup/README for the detail. Regards, -- Yoshiaki Kasahara Computing and Communications Center, Kyushu University kasahara@nc.kyushu-u.ac.jp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041222.121351.52176614.kasahara>