-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I personally use the ports tree for installing software. To update the whole ports tree you could run
cvsup -g -L 2 /usr/share/examples/cvsup/ports-supfile to get the latest ports *with* the patches for that port. You can also use cvsup to update your source (/usr/src) I also use portupgrade to update the installed ports. I have never used pkg_* because I have always felt pretty comfortable with the ports and feel no need to switch. I'm sure if openssh has some patches/fixes or whatever done to the package it will be updated so you can use it. Example. If you used the ports and gaim-8.0 came out but you only had 0.70 or whatever then all you would need to do is update your ports (like I showed u above) and do a portupgrade gaim and it would update it with the latest fixes/patches/version changes or whatever and resolve any depends. you may need. Using the ports is just a personal reference. I do recommend it though. Plesae check out this for further reading on cvsup http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html On Wed, 19 Nov 2003 23:08:06 -0800 "Kevin McKay" <[EMAIL PROTECTED]> wrote: > Thanks Bryan, > > Two other questions, if I do a pkg_add -r openssh today and then the > same command in 6 months will it always be the same precompiled binary > sitting on the server? Or are they updated with patches from time to > time? how does the openssh port binary differ from the oepnssh system > binary? I have looked all through the handbook and faq's but could not > find a definitive answer. > > Thanks > Kevin McKay > > ----- Original Message ----- > From: "Bryan Cassidy" <[EMAIL PROTECTED]> > To: "Kevin McKay" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Wednesday, November 19, 2003 11:18 PM > Subject: Re: Security question > > > > I don't know anything about using sysinstall for security > > patches/upgrades etc. WHat your looking for I think is cvsup. Please > > read the handbook on Using CVSUP to get the latests source updates, > > security patches for your release and even updating to a different > > RELEASE or -CURRENT or -STABLE. > > > > On Wed, 19 Nov 2003 09:23:37 -0800 > > Kevin McKay <[EMAIL PROTECTED]> wrote: > > > > > So it will not just grab the latest patched binaries for 5.1? I am > > > not > > > > > > sure I understand. Is it just for updating between releases and > > > not for keeping the current release up to date? > > > > > > Kevin > > > > > > Lowell Gilbert wrote: > > > > > > >"Kevin McKay" <[EMAIL PROTECTED]> writes: > > > > > > > > > > > > > > > >>I have read through the documentation but have not been able to > > > >find>a definite answer. I am running a pretty core install of 5.1 > > > >minimal>+ bind9, postfix, apache, ssh, no ports collection. Here > > > >is my>question. When I run the binary update from sysinstall will > > > >that>take care of the earlier ssh vulnerability and update apache > > > >postfix>and bind to the most current version? > > > >> > > > >> > > > > > > > >You normally need to run the sysinstall from the version you're > > > >updating to. You could configure your system's sysinstall to > > > >load in the later version, and it should be compatible, but I > > > >don't know the syntax for that offhand... > > > > > > > > > > > > > > _______________________________________________ > > > [EMAIL PROTECTED] mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > > To unsubscribe, send any mail to > > > "[EMAIL PROTECTED]" > > > > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/vJfJjnOL7dYm/EQRAh42AJ9IoVVzzRF8Qb9ykPGV2twsFfpHIwCg4uMO QzUGdPvRWH7Y6Kf8NzRAIj0= =U+z7 -----END PGP SIGNATURE----- _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"