On Wed, 1 Mar 2006, Randy Pratt wrote:
On Wed, 1 Mar 2006 10:09:51 -0800 (PST)
[EMAIL PROTECTED] wrote:
On Wed, 8 Feb 2006, Chris Maness wrote:
How should I set up cvsup to just track security updates for ports. And
would the best thing to do after I synced CVS, do portupgrade -a so
that everything selected gets rebuilt.
I'm not sure there is a way to do this for ports, other than manually
checking what's been changed and whether you consider that to be a
security upgrade, then upgrading each applicable port by hand. As far as
I understand, there is only one tag for ports ("tag=."), which gets you
the "current" ports tree. I *can* guarantee that others know more about
this than I do.
There is a port which does this for you (security/portaudit):
portaudit provides a system to check if installed ports are
listed in a database of published security vulnerabilities.
After installation it will update this security database
automatically and include its reports in the output of the
daily security run.
What is the equivalent for the base system?
Much simpler: just track RELENG_your_release to get security updates and
bug fixes and nothing else. For example, mine is RELENG_5_4 and
therefore tracks 5.4-RELEASE.
Additionally, I'd suggest subscribing to one of these mailing list so
that you are notified when a SA is issued:
[EMAIL PROTECTED]
freebsd-announce@freebsd.org
HTH,
Randy
--
Thanks, I do have port audit installed. I was refering to system
security. The base system + FreeBSD userland. I wanted to do this
because I did get a notice from the security list today. Do I do a make
buildworld, to update the system? Do I do this in /usr/src ?
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
