PHP vulnerability and portupgrade
Mark Andrews
Mark_Andrews at isc.org
Tue Dec 21 17:06:25 PST 2004
> Hello,
>
> Due to the recently discovered vulnerability in PHP versions older than
> 4.3.10 and 5.0.3, I decided to take a look at portupgrade to see if it is a
> good way to keep the ports collection up-to-date with respect to security
> issues. I ran cvsup on the security branch (tag=RELENG_5_3), then portsdb
> -Uu. However, portupgrade didn't find any ports that needed an upgrade.
>
> Am I doing something wrong or is portupgrade not the best tool to keep up
> with security advisories in ports?
cvsup of ports does not use tag=RELENG_5_3.
e.g.
*default host=cvsup.FreeBSD.org
*default base=/usr
*default prefix=/usr
*default release=cvs
*default delete use-rel-suffix
*default tag=.
ports-all
Use portaudit to track security issues in ports.
> Thank you for your help :-)
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the freebsd-stable
mailing list