Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 23 Dec 2005 10:11:56 +1030
From:      Ian Moore <no-spam@swiftdsl.com.au>
To:        freebsd-questions@freebsd.org
Cc:        rihad <rihad@mail.ru>
Subject:   Re: ports security branch
Message-ID:  <200512231012.05320.no-spam@swiftdsl.com.au>
In-Reply-To: <43A7A39D.7000305@mail.ru>
References:  <43A7A39D.7000305@mail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
On Tuesday 20 December 2005 16:54, rihad wrote:
> Is there a security branch for the FreeBSD ports collection? 
No, there isn't.

> Let's say, 
> I installed FreeBSD 6.0 together with all needed -RELEASE ports/packages
> (i.e., those on the CD). Running security/portaudit after a while
> reveals that some of the installed packages have vulnerabilities. Am I
> on my own to go grab the fresh ports tree, and upgrade the affected
> software, suffering all the intricacies of the move by myself? 

CVSUP & Portupgrade or portupdate makes this process very simple, they manage 
all the intricacies for you. Check out Dru Lavigne's article on protupgrade 
for a simple portupgrade how-to:
http://www.onlamp.com/pub/a/bsd/2003/08/28/FreeBSD_Basics.html
I update my ports with it all the time and rarely have problems. 

If you only want to track security vulnerabilities, just portupgrade the ports 
that have vulnerabilities - that would be roughly equivalent to tracking a 
security branch.

> Debian 
> GNU/Linux has its security package updates, OpenBSD has a separately
> maintained "errata" ports branch (it's very likely you still get to
> download a newer release of the software, though).
>
> Sorry if this is a bit OT. I've already asked this on freebsd-questions@
> but they told me there's no such thing at all.

Cheers,
-- 
Ian
gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc

[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQBDqznNPUlnmbKkJ6ARAt1IAJ98kErsNP/LAh4TNrIEH/iYPtp5PgCbBN2h
UlQRhP0Yacf1ZopMC5CA4Aw=
=grg+
-----END PGP SIGNATURE-----

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200512231012.05320.no-spam>