FreeBSD source auto patcher script
Jacques A. Vidrine
nectar at FreeBSD.org
Fri Mar 5 16:42:51 PST 2004
On Thu, Mar 04, 2004 at 03:27:17PM +1100, Michael Vince wrote:
> Hi all
> I thought I would let you people know of a script that I coded that
> facilitates security patch updating on FreeBSD. When I wrote it I
> decided to called it Quickpatch for some reason even though because its
> source based its not necessarily the least bit quick at all :) I had
> kept it for my self for a while but I was recently provoked to release
> it as it could do greater good being out there on the net, because its
> in Perl its quite hackable for custom needs.
>
> http://www.roq.com/projects/quickpatch/
>
> It has the ability to do a range of different update tasks. These
> features include the ability to easily verify (using PGP) any and all
> advisories, easy setup and use of CVSUP for source and ports tree
> updates. Ability to extract all the useful data out of the official
> FreeBSD security advisories, such as necessary patch commands, security
> advisory topic, exact hours since the patch was made/released, then can
> create ready to run patch files or display/email a full report of that
> information. Also, it can optionally apply the patch files with no
> attendance. Because its highly cronable you can schedule in a 'patch
> mode' kernel recompile and reboot at early morning hours to minimize
> down time inconvenience to others.
Michael, that's terrific! We've contemplated switching to a
machine-readable format for advisories time and again. Now that
there is a tool that could make use of that, I'm going to investigate
switching again.
Cheers,
--
Jacques Vidrine / nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org
More information about the freebsd-security
mailing list