A question about Security Advisories
Eugene Grosbein
eugen at grosbein.net
Tue Aug 11 07:36:40 UTC 2020
11.08.2020 14:21, Oleksandr Kryvulia wrote:
>
> Hi,
> Last years all Security Advisories regarding base system in the "update your vulnerable system via a source code patch " section recommends to rebuild a whole world instead of an affected part of a base system. This is in a most cases an overhead.
>
> For example 9 years old SA-11:04 [1] offers:
>
> b) Execute the following commands as root:
>
> # cd /usr/src
> # patch < /path/to/patch
> # cd /usr/src/usr.bin/compress
> # make obj && make depend && make && make install
> # cd /usr/src/usr.bin/gzip
> # make obj && make depend && make && make install
>
> What is a reason we stop to do it? I understand that the preferred way now is a binary upgrade.
> Thank you.
Also binary upgrade is not an option for STABLE users.
More information about the freebsd-security
mailing list