Security updates for packages?
Thomas Steen Rasmussen
thomas at gibfest.dk
Mon Dec 13 00:12:05 UTC 2010
On 13.12.2010 00:25, Doug Barton wrote:
> On 12/12/2010 12:28, Kevin Kreamer wrote:
>> Hi,
>>
>> Having not used FreeBSD for several years, I did a fresh install
>> yesterday
>> of 8.1-RELEASE, and then used pkg_add -r to install several packages. I
>> then came across portaudit, ran it, and it indicated that I had three
>> vulnerable packages (git, ruby, and sudo). Looking at
>> http://www.vuxml.org/freebsd/, it appears that these were reported in
>> July,
>> August, and September respectively.
>
> How did you install the package?
>
>
He said he installed it using pkg_add -r, which will have pulled the
package from
the 8.1-RELEASE repository which is quite old by now.
Kevin: You can set PACKAGESITE environment variable to a different path,
to get packages that are more up to date:
PACKAGESITE=ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-8-stable/Latest
pkg_add -r something
Hope this helps,
Thomas Steen Rasmussen
More information about the freebsd-ports
mailing list