Port Changes FAQ

Matthew Seaman matthew at FreeBSD.org
Sun Jun 15 16:51:24 UTC 2014

On 15/06/2014 14:38, Chris Maness wrote:
> Thanks, guys.  I like the new pkg (8) command.  Will they be
> recompiling ports whenever they have been patched against
> vulnerabilities?

The official pkg sets get updated on a weekly basis -- a snap shot of
the ports tree is taken on a Wednesday, and packages are built from
that, which generally takes a few days, so new packages are usually
available on Saturday.

The worst case scenario is that a vulnerability is announced on a
Wednesday after the weekly build has begun, so the fixed package
wouldn't then appear in the repos until about 10 days later.

For a really serious vulnerability with exploits in the wild, I'm sure
the usual package building schedule would be modified.  It's also the
case that portmgr (who are in charge of building the packages) work
closely with secteam and ports-secteam so can get advanced warning
before vulnerabilities are published.  Meaning they could have fixed
packages ready when the announcement is made.  But that depends on many
outside factors, so cannot be relied upon.



Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1036 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20140615/6819f2f8/attachment.sig>

More information about the freebsd-questions mailing list