From owner-freebsd-stable@FreeBSD.ORG Thu Aug 28 13:22:12 2003 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8D45E16A4BF for ; Thu, 28 Aug 2003 13:22:12 -0700 (PDT) Received: from pd4mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3A2EE43FBD for ; Thu, 28 Aug 2003 13:22:10 -0700 (PDT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from pd4mr1so.prod.shaw.ca (pd4mr1so-qfe3.prod.shaw.ca [10.0.141.212]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003)) with ESMTP id <0HKC00AHLJ8WBX@l-daemon> for stable@freebsd.org; Thu, 28 Aug 2003 14:22:08 -0600 (MDT) Received: from pn2ml7so.prod.shaw.ca (pn2ml7so-qfe0.prod.shaw.ca [10.0.121.151]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003)) with ESMTP id <0HKC00BA2J8WPL@l-daemon> for stable@freebsd.org; Thu, 28 Aug 2003 14:22:08 -0600 (MDT) Received: from piii600.wadham.ox.ac.uk (h24-87-233-42.vc.shawcable.net [24.87.233.42]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003)) with ESMTP id <0HKC000KOJ8T8J@l-daemon> for stable@freebsd.org; Thu, 28 Aug 2003 14:22:08 -0600 (MDT) Date: Thu, 28 Aug 2003 13:22:01 -0700 From: Colin Percival In-reply-to: <4.3.2.7.2.20030828133145.0313d860@localhost> X-Sender: cperciva@popserver.sfu.ca To: Brett Glass , stable@freebsd.org Message-id: <5.0.2.1.1.20030828130814.01c6dfd8@popserver.sfu.ca> MIME-version: 1.0 X-Mailer: QUALCOMM Windows Eudora Version 5.0.2 Content-type: text/plain; charset=us-ascii; format=flowed Content-transfer-encoding: 7BIT References: <5.0.2.1.1.20030828110441.02d9f580@popserver.sfu.ca> <4.3.2.7.2.20030828120019.0324b6a0@localhost> <5.0.2.1.1.20030828103403.02d683a8@popserver.sfu.ca> <200308280638.AAA19221@lariat.org> Subject: Re: Need to build some systems this week. Snapshots? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Aug 2003 20:22:12 -0000 At 13:54 28/08/2003 -0600, Brett Glass wrote: >What does one do about packages and ports? It appears that the binary >packages on the FreeBSD servers are never updated between releases... >which means that if a bug is in a package or is compiled into a package >(as with the realpath problem), the FreeBSD servers keep sending out >exploitable copies of that package indefinitely. The situation with ports >is a bit better, but how does one know which ones to recompile and >reinstall? Does your update system handle this situation and/or warn about it? FreeBSD Update only concerns itself with the base FreeBSD distribution -- I simply don't have the resources to build any more than that. However, one simple approach to the ports problem would be to # find /usr/local/ -perm +111 -type f -exec file {} \; | grep "statically linked" | cut -f 1 -d ':' and rebuild the applicable ports. Now that I think about it, I might add some sort of functionality like that (providing a listing of ports which need to be rebuilt) into a future version of FreeBSD Update. Colin Percival