From owner-freebsd-security@FreeBSD.ORG  Tue Apr 11 00:57:50 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B503A16A405
	for <freebsd-security@freebsd.org>;
	Tue, 11 Apr 2006 00:57:50 +0000 (UTC)
	(envelope-from tmclaugh@sdf.lonestar.org)
Received: from straycat.dhs.org (c-24-63-86-11.hsd1.ma.comcast.net
	[24.63.86.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id CC57343D6E
	for <freebsd-security@freebsd.org>;
	Tue, 11 Apr 2006 00:57:47 +0000 (GMT)
	(envelope-from tmclaugh@sdf.lonestar.org)
Received: from bofh.straycat.dhs.org (bofh.straycat.dhs.org [192.168.1.56])
	by straycat.dhs.org (8.13.4/8.13.4) with ESMTP id k3B0vkko027007;
	Mon, 10 Apr 2006 20:57:46 -0400 (EDT)
From: Tom McLaughlin <tmclaugh@sdf.lonestar.org>
To: "Ricardo A. Reis" <ricardo_bsd@yahoo.com.br>
In-Reply-To: <op.s7s27acfp1tyz6@localhost>
References: <op.s7s27acfp1tyz6@localhost>
Content-Type: text/plain
Date: Mon, 10 Apr 2006 20:57:46 -0400
Message-Id: <1144717066.1824.12.camel@localhost>
Mime-Version: 1.0
X-Mailer: Evolution 2.6.0 FreeBSD GNOME Team Port 
Content-Transfer-Encoding: 7bit
Cc: freebsd-security@freebsd.org
Subject: Re: [RFC] Ideas and Questions  in security updates ( portaudit,
	freebsd-update)
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Apr 2006 00:57:50 -0000

On Mon, 2006-04-10 at 16:03 -0300, Ricardo A. Reis wrote:
> Hi all,
> <snip>
>         About Ports security issues, one idea is integrate portaudit and
> portupgrade or create another tool for update ports,
> this ideia is based in Gentoo glsa-check
> ( http://www.gentoo.org/doc/en/security/security-handbook.xml?part=1&chap=14
> )
> 

I recently saw glsa-check while talking to a Gentoo dev at Linux World
this past week.  It's very nice but does not fit in with our tree and
updating model.  Gentoo supports updating individual ports while leaving
other ports on the system untouched.  We do not support this sort of
updating model.  To get security updates for the FreeBSD collection you
have one of two options.  Either A) follow the recommended procedure and
update all ports when a security issue for one arises or B) backport
patches yourself and support all potential problems yourself.

Tom
> 
> 
> Thanks for Attention and sorry for my bad english.
> 
> Ricardo A. Reis
> UNIFESP
> Unix and Network Admin

-- 
| tmclaugh at sdf.lonestar.org             tmclaugh at FreeBSD.org |
| FreeBSD                                   http://www.FreeBSD.org |
| BSD#                    http://www.mono-project.com/Mono:FreeBSD |