Roland Smith wrote: > > > > If portaudit shows that some installed packages have vulnerabilities, > > what do you usually do? > > It depends on the vulnerability and what the package does. I will de-install > it if I think that the vulnerability is critical for me and there is no > workaround. > > Look at freshports [http://www.freshports.org/commits.php] regularly to see if > updates for vulnerable packages are available.
This is pretty obvious and I run portsnap from cron. > > Generally I like to run 'portsnap fetch update' followed by 'portmaster -ai' > (after reading /usr/ports/UPDATING) every week. This keeps the number of huge > compilefests (like gettext updates :-() to a minimum. Has portmaster ever screwed things up for you? > > For efficiency, I tend to keep one machine up-to-date in that way, > and use rsync to then distribute the changes in /usr/local to my > other machines. This only works for machines that are on the same > major FreeBSD version and architecture, of course. That's interesting. Do you also rsync /var/db/pkg ? -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
