FreeBSD Security Advisory FreeBSD-SA-14:31.ntp
Roger Marquis
marquis at roble.com
Wed Dec 31 19:54:25 UTC 2014
Dag-Erling Sm?rgrav wrote:
> Roger Marquis <marquis at roble.com> writes:
>> ... or those with constrained resources are never going to be able
>> to make/build/installworld for something as simple as a single binary
>> update.
>
> These sites would be better served using freebsd-update to download and
> apply binary patches.
Was afraid you might say that, not because it's unreasonable or
inevitable but because it illustrates the increasing tendency to refer
bug (and other) reports to use binary updates.
Problem with freebsd-update is that it has some of the same scope issues
as installworld. We've also had problems defining "-r" (in a jail) when
the booted kernel is not the revision we want to build to. Doesn't help
that "-r" doesn't parse patch levels.
freebsd-update also calls phttpget which has no man page. This is one
Linux-ism (missing man pages) that FreeBSD is usually good at avoiding.
> I would suggest discussing this with the FreeBSD Foundation. They have
> already taken an interest in the matter.
Thanks Dag,
Roger
More information about the freebsd-security
mailing list