Patch vs. Upgrade

Cody Holland cholland at redmoonbroadband.com
Wed Oct 12 11:42:44 PDT 2005


On 10/12/05, Andrew P. <infofarmer at gmail.com> wrote:
> > If things are not too tight on your hard drive, consider the cvsup 
> > way. It's very easy - and very clearly described in the handbook.
> 
> I've seen many people say this, but I suspect they haven't 
> tried looking for information on patching using cvsup in the 
> handbook. It's not easy to find. I think we're doing a 
> disservice to the community directing people there without 
> pointing them to a specific page (it is a 4MB document).
> 
> The notes on using cvsup to keep your system up to date are 
> under the section header "Cutting Edge". I dunno about you, 
> but when it comes to security patches, I'd like to see them 
> as easy as possible, not something as elite as that. Maybe 
> that's just a poor choice of a title, though.
> 
> The only specifically correct information -- using 'standard-supfile'
> -- appears under the header "Using FreeBSD-CURRENT", a 
> section most newbies certainly ought to avoid unless they 
> want to run bleeding-edge may-not-compile-at-all code.
> 
> In any case, a direct link to the information on how to keep 
> your system up to date is available here:
> 
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/curr
> ent-stable.html#AEN27683
> 
> You only need to read paragraph 2a -- the rest has to do with 
> -CURRENT and other crufty methods of getting source. Then you 
> can skip to:
> 
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/sync
> hing.html
> 
> and read that and the next page. That should be enough to get 
> you going with the latest -RELEASE-pNN patch level.
> 

Thanks for the response.  I did  a terrible job of asking the correct
question to get the response I wanted.  I do know to cvsup the source
and build/make world.  I currently have 4 FreeBSD servers in production
serving various tasks.  The question I should have been asking is:
Is using the security patches provided by the FreeBSD maintainers as
good as actually updating the whole server?  What are the pros and cons
of using the security patches vs. full source upgrade via cvsup?

Thanks,
Cody


More information about the freebsd-questions mailing list