[RFC] Ideas and Questions in security updates ( portaudit,
freebsd-update)
Tom McLaughlin
tmclaugh at sdf.lonestar.org
Tue Apr 11 00:57:50 UTC 2006
On Mon, 2006-04-10 at 16:03 -0300, Ricardo A. Reis wrote:
> Hi all,
> <snip>
> About Ports security issues, one idea is integrate portaudit and
> portupgrade or create another tool for update ports,
> this ideia is based in Gentoo glsa-check
> ( http://www.gentoo.org/doc/en/security/security-handbook.xml?part=1&chap=14
> )
>
I recently saw glsa-check while talking to a Gentoo dev at Linux World
this past week. It's very nice but does not fit in with our tree and
updating model. Gentoo supports updating individual ports while leaving
other ports on the system untouched. We do not support this sort of
updating model. To get security updates for the FreeBSD collection you
have one of two options. Either A) follow the recommended procedure and
update all ports when a security issue for one arises or B) backport
patches yourself and support all potential problems yourself.
Tom
>
>
> Thanks for Attention and sorry for my bad english.
>
> Ricardo A. Reis
> UNIFESP
> Unix and Network Admin
--
| tmclaugh at sdf.lonestar.org tmclaugh at FreeBSD.org |
| FreeBSD http://www.FreeBSD.org |
| BSD# http://www.mono-project.com/Mono:FreeBSD |
More information about the freebsd-security
mailing list