Hi,
Last years all Security Advisories regarding base system in the "update
your vulnerable system via a source code patch " section recommends to
rebuild a whole world instead of an affected part of a base system. This
is in a most cases an overhead.
For example 9 years old SA-11:04 [1] offers:
b) Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/usr.bin/compress
# make obj && make depend && make && make install
# cd /usr/src/usr.bin/gzip
# make obj && make depend && make && make install
What is a reason we stop to do it? I understand that the preferred way
now is a binary upgrade.
Thank you.
[1]
https://www.freebsd.org/security/advisories/FreeBSD-SA-11:04.compress.asc
_______________________________________________
freebsd-security@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"