Date: Mon, 5 Apr 2004 11:28:58 -0700 From: Gary Kline <kline@thought.org> To: Matthew Seaman <m.seaman@infracaninophile.co.uk>, Brian Astill <bastill@adam.com.au>, freebsd-questions@freebsd.org Subject: Re: pkgdb -F issues Message-ID: <20040405182858.GA73304@tao.thought.org> In-Reply-To: <20040405111806.GA68885@happy-idiot-talk.infracaninophile.co.uk> References: <200404052024.40022.bastill@adam.com.au> <20040405111806.GA68885@happy-idiot-talk.infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Apr 05, 2004 at 12:18:06PM +0100, Matthew Seaman wrote: > On Mon, Apr 05, 2004 at 08:24:40PM +0930, Brian Astill wrote: [[ ... ]] > > > > Looked diligently for detailed guidance on pkgdb (Complete FBSD 3rd & > > 4th Eds, Handbook, man page, FBSD Diary) but found nothing very > > helpful. The Diary " As near as I can tell, this is more art than > > science." and "Or you can just "know". were MOST discouraging. :-( > > > > Can someone please point me in the right direction? > > Thanks. > > Well, the dependency on openssl-0.9.7d indicates you've installed > openssl via ports. Perhaps. However, openssl-0.9.7d was imported > into 4-STABLE over the weekend, and it's been in 5-CURRENT for a > couple of weeks. Which means that if you're going to be updating to > the latest 4-STABLE you can delete any openssl port[*] you've got > installed and also delete that dependency. > > You can also delete that dependency if you've never installed openssl > from ports and have no intention of doing so -- so long as you're up > to date with the security patches, you'll be running a version of > openssl with all of the known holes patched, even if it doesn't carry > absolutely the latest version number. > > Otherwise, you should be able to just update the security/openssl port > (which will get you openssl-0.9.7d nowadays) and everything will be > back to normal. > > Cheers, > > Matthew > > [*] Lest this leads to much wailing and gnashing of teeth, I should > stress here that you'll also have to recompile any ports that link > against the OpenSSL shlibs so that they pick up the shlibs from the > base system. > Matthew, is there any way of collecting a list of these ports so they may be automated, at least ro some degree? Run portupgrade at a low prio else at night? I'm looking for some way of upgrading what must be upgraded, with MIN intervention... . thanks for any insights, gary -- Gary Kline kline@thought.org www.thought.org Public service Unix
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040405182858.GA73304>