On Wed, 1 Mar 2006 10:09:51 -0800 (PST) [EMAIL PROTECTED] wrote: > > On Wed, 8 Feb 2006, Chris Maness wrote: > > > >> How should I set up cvsup to just track security updates for ports. And > would the best thing to do after I synced CVS, do portupgrade -a so > that everything selected gets rebuilt. > > > > I'm not sure there is a way to do this for ports, other than manually > checking what's been changed and whether you consider that to be a > security upgrade, then upgrading each applicable port by hand. As far as > I understand, there is only one tag for ports ("tag=."), which gets you > the "current" ports tree. I *can* guarantee that others know more about > this than I do.
There is a port which does this for you (security/portaudit): portaudit provides a system to check if installed ports are listed in a database of published security vulnerabilities. After installation it will update this security database automatically and include its reports in the output of the daily security run. > >> What is the equivalent for the base system? > > > > Much simpler: just track RELENG_your_release to get security updates and > bug fixes and nothing else. For example, mine is RELENG_5_4 and > > therefore tracks 5.4-RELEASE. Additionally, I'd suggest subscribing to one of these mailing list so that you are notified when a SA is issued: [EMAIL PROTECTED] freebsd-announce@freebsd.org HTH, Randy -- _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"