PHP vulnerability and portupgrade

Ladislav Bodnar at
Tue Dec 21 16:55:05 PST 2004


Due to the recently discovered vulnerability in PHP versions older than 
4.3.10 and 5.0.3, I decided to take a look at portupgrade to see if it is a 
good way to keep the ports collection up-to-date with respect to security 
issues. I ran cvsup on the security branch (tag=RELENG_5_3), then portsdb 
-Uu. However, portupgrade didn't find any ports that needed an upgrade.

Am I doing something wrong or is portupgrade not the best tool to keep up 
with security advisories in ports?

Thank you for your help :-)

More information about the freebsd-stable mailing list