Security updates for packages?

Thomas Steen Rasmussen thomas at
Mon Dec 13 00:12:05 UTC 2010

  On 13.12.2010 00:25, Doug Barton wrote:
> On 12/12/2010 12:28, Kevin Kreamer wrote:
>> Hi,
>> Having not used FreeBSD for several years, I did a fresh install 
>> yesterday
>> of 8.1-RELEASE, and then used pkg_add -r to install several packages.  I
>> then came across portaudit, ran it, and it indicated that I had three
>> vulnerable packages (git, ruby, and sudo). Looking at
>>, it appears that these were reported in 
>> July,
>> August, and September respectively.
> How did you install the package?
He said he installed it using pkg_add -r, which will have pulled the 
package from
the 8.1-RELEASE repository which is quite old by now.

Kevin: You can set PACKAGESITE environment variable to a different path,
to get packages that are more up to date:

pkg_add -r something

Hope this helps,

Thomas Steen Rasmussen

More information about the freebsd-ports mailing list