where to find security updates?
Alex de Kruijff
freebsd at akruijff.dds.nl
Thu Oct 14 05:33:08 PDT 2004
On Thu, Oct 14, 2004 at 01:57:35PM +0200, Matthias F. Brandstetter wrote:
> Hi all,
>
> I am somewhat new to FreeBSD, and so not 100% used to this ports and
> portaudit system.
>
> My daily sec. output says, that my installed "mod_php4-4.3.8_2" has two
> vulnerabilities. So I did an "cvsup /root/ports-supfile" and a "make
> search=mod_php4" afterwards. But I can only see "mod_php4-4.3.6" now,
> which does not look like an update to "mod_php4-4.3.8_2".
You go wrong here. There doesn't exist a command 'make search=...' it
should be 'make search name=mod_php4'. Because of this you have compiled
(but not installed) all recursive ports. To fix this do: make clean from
/usr/ports (this takes a while)
The most recent for me is: mod_php4-4.3.4_7,1
If you run 'pkg_version | grep php' then you can see if the port is
newer than the one you installed. A < means that this is the case.
> Now my question is: How should/can I update mod_php4, if there is no update
> available?
First install portupgrade:
# cd /usr/ports/sysutils/portupgrade/
# make install && make clean
Then do:
# rehash
# portupgrade -fR mod_php4
The R also compiles all ports that php4 uses and the f force a recompile
of ports that are of the current version. Its not allways required but
I've had some trouble with php. This solved the problem for me.
--
Alex
Please copy the original recipients, otherwise I may not read your reply.
WWW: http://www.kruijff.org/alex/FreeBSD/
More information about the freebsd-questions
mailing list