Applying security updates to ports.

Xin LI delphij at
Wed Mar 26 12:32:52 PDT 2008

Siju George wrote:
> Hi,
> As far as I understand there is the ports tree that is released along
> with an OS release and the security updates to specific ports has to
> be followed through info on
> right?
> I ask this because I am more familiar with OpenBSD and it has
> 1) The ports tree that comes with the OS Release
> 2) The ports tree that gets only security updates ( called ports-stable)
> 3) The ports tree that has newer versions of ports ( called ports-current )

Currently we do not maintain many branches as OpenBSD did due to limited 
human and compiling resources.  What I usually do on FreeBSD is:

  - Update ports tree;
  - Install portupgrade, portaudit (both under ports-mgmt/)
  - portupgrade -rR `portaudit -Fqa`

The third step would update affected ports and their required 
dependencies plus ports depending on them.  This is not perfect (if 
there is shared library version bump, but dependent ports revison is not 
bumped) but works just fine in most cases.

Xin LI <delphij at>
FreeBSD - The Power to Serve!

More information about the freebsd-ports mailing list