Security question

Kevin McKay kevin at dhap.com
Wed Nov 19 23:00:14 PST 2003 

Thanks Bryan,

Two other questions, if I do a pkg_add -r openssh today and then the same
command in 6 months will it always be the same precompiled binary sitting on
the server? Or are they updated with patches from time to time?  how does
the openssh port binary differ from the oepnssh system binary? I have looked
all through the handbook and faq's but could not find a definitive answer.

Thanks
Kevin McKay

----- Original Message ----- 
From: "Bryan Cassidy" <b_cassidy at bellsouth.net>
To: "Kevin McKay" <kevin at dhapdigital.com>
Cc: <freebsd-questions at freebsd.org>
Sent: Wednesday, November 19, 2003 11:18 PM
Subject: Re: Security question


> I don't know anything about using sysinstall for security
> patches/upgrades etc. WHat your looking for I think is cvsup. Please
> read the handbook on Using CVSUP to get the latests source updates,
> security patches for your release and even updating to a different
> RELEASE or -CURRENT or -STABLE.
>
> On Wed, 19 Nov 2003 09:23:37 -0800
> Kevin McKay <kevin at dhapdigital.com> wrote:
>
> > So it will not just grab the latest patched binaries for 5.1? I am not
> >
> > sure I understand. Is it just for updating between releases and not
> > for keeping the current release up to date?
> >
> > Kevin
> >
> > Lowell Gilbert wrote:
> >
> > >"Kevin McKay" <kevin at dhap.com> writes:
> > >
> > >
> > >
> > >>I have read through the documentation but have not been able to find
> > >>a definite answer. I am running a pretty core install of 5.1 minimal
> > >>+ bind9, postfix, apache, ssh, no ports collection. Here is my
> > >>question. When I run the binary update from sysinstall will that
> > >>take care of the earlier ssh vulnerability and update apache postfix
> > >>and bind to the most current version?
> > >>
> > >>
> > >
> > >You normally need to run the sysinstall from the version you're
> > >updating to.  You could configure your system's sysinstall to load in
> > >the later version, and it should be compatible, but I don't know the
> > >syntax for that offhand...
> > >
> > >
> >
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> > "freebsd-questions-unsubscribe at freebsd.org"
>

More information about the freebsd-questions mailing list