PHP vulnerability and portupgrade
Yoshiaki Kasahara
kasahara at nc.kyushu-u.ac.jp
Tue Dec 21 19:13:56 PST 2004
On Wed, 22 Dec 2004 09:52:01 +0800,
Ladislav Bodnar <distro.watch at msa.hinet.net> said:
> Thanks a lot for your reply. If I understand things correctly, I need to
> maintain two cvsup files - one that tracks security issues in the base
> FreeBSD 5.3 system (tag=RELENG_5_3, src-all) and one for the ports
> collection (tag=. , ports-all). Then every time I receive a FreeBSD
> security advisory I run cvsup on the former, and every time portaudit tells
> me about a new security issue in the ports collection, I run cvsup on the
> latter, then use portupgrade to upgrade vulnerable ports.
>
> Is this correct?
To do it easier, you can set some variables in /etc/make.conf as
follows:
SUP_UPDATE= yes
SUP= /usr/local/bin/cvsup
SUPFLAGS= -g -L 2
SUPHOST= cvsup.jp.FreeBSD.org (<- change as you like)
SUPFILE= /usr/share/examples/cvsup/stable-supfile
PORTSSUPFILE= /usr/share/examples/cvsup/ports-supfile
Then type 'make update' in /usr/src. Your source tree will be updated
using stable-supfile, and your ports tree will be updated using
ports-supfile. Maybe you need to edit stable-supfile to retrieve
RELENG_5_3.
See /usr/share/examples/etc/make.conf and /usr/share/examples/cvsup/README
for the detail.
Regards,
--
Yoshiaki Kasahara
Computing and Communications Center, Kyushu University
kasahara at nc.kyushu-u.ac.jp
More information about the freebsd-stable
mailing list