ports security branch
Ian Moore
no-spam at swiftdsl.com.au
Thu Dec 22 15:42:10 PST 2005
On Tuesday 20 December 2005 16:54, rihad wrote:
> Is there a security branch for the FreeBSD ports collection?
No, there isn't.
> Let's say,
> I installed FreeBSD 6.0 together with all needed -RELEASE ports/packages
> (i.e., those on the CD). Running security/portaudit after a while
> reveals that some of the installed packages have vulnerabilities. Am I
> on my own to go grab the fresh ports tree, and upgrade the affected
> software, suffering all the intricacies of the move by myself?
CVSUP & Portupgrade or portupdate makes this process very simple, they manage
all the intricacies for you. Check out Dru Lavigne's article on protupgrade
for a simple portupgrade how-to:
http://www.onlamp.com/pub/a/bsd/2003/08/28/FreeBSD_Basics.html
I update my ports with it all the time and rarely have problems.
If you only want to track security vulnerabilities, just portupgrade the ports
that have vulnerabilities - that would be roughly equivalent to tracking a
security branch.
> Debian
> GNU/Linux has its security package updates, OpenBSD has a separately
> maintained "errata" ports branch (it's very likely you still get to
> download a newer release of the software, though).
>
> Sorry if this is a bit OT. I've already asked this on freebsd-questions@
> but they told me there's no such thing at all.
Cheers,
--
Ian
gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20051223/1cdac3a9/attachment.bin
More information about the freebsd-questions
mailing list