Date: Mon, 19 Dec 2005 13:01:17 -0600 From: Paul Schmehl <pauls@utdallas.edu> To: freebsd-questions@freebsd.org Subject: Re: ports security branch Message-ID: <124C8EC79D9A6FBB2A645B28@Paul-Schmehls-Computer.local> In-Reply-To: <43A6CA19.5020100@mail.ru> References: <43A6CA19.5020100@mail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--On December 19, 2005 6:56:25 PM +0400 rihad <rihad@mail.ru> wrote: > Is there a security branch for the FreeBSD ports collection? Let's say, > I installed FreeBSD 6.0 together with all needed -RELEASE ports/packages. > Running security/portaudit after a while reveals that some of the > installed packages have vulnerabilities. Am I on my own to go grab the > fresh ports tree, and upgrade the affected software, suffering all the > intricacies of the move by myself? Debian GNU/Linux has its security > package updates, OpenBSD has a separately maintained "errata" ports > branch (you still get to download a newer release of the software, though > (IIRC)). > On your own, but not in the sense you may think. If you cvsup your ports (I do it nightly for all my servers), then you can simply run portupgrade and all the affected ports will be upgraded (assuming you use the right switches - I use -ai because I want to be able to decline to upgrade a port if it's going to affect a lot of people and then schedule it for later that same day or the next.) I'm not sure what you mean by "suffering all the intricacies". Cvsup will fetch all the ports that have updates (assuming you use the right config - man is your friend), so you really don't have to do much except launch cvsup (if you haven't already scheduled it routinely) and then launch portupgrade once cvsup is done. When I set up a new server, one of the first things I do, before installing any applications, is run cvsup to update everything. Then I setup cvsup to run nightly, and only then to I begin installing whatever applications that particular server might need. Paul Schmehl (pauls@utdallas.edu) Adjunct Information Security Officer University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?124C8EC79D9A6FBB2A645B28>