Can't upgrade ports collection
Hi, I'm getting reports that some of the packages I've installed have vulnerabilities when running portaudit -Fda I've tried to update the ports tree running cd /usr/ports portsnap update , but it tells me the tree is already up to date. I've also tried removing everything from /usr/ports (even the dot files), and then running portsnap fetch portsnap extract portsnap update portupgrade -a (portsnap update should be redundant, but just to be sure), but nothing is upgraded, and portaudit still complains. What am I doing wrong? -- Victor Engmark Quidquid latine dictum sit, altum videtur - What is said in Latin, sounds profound ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can't upgrade ports collection
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Victor Engmark wrote: Hi, I'm getting reports that some of the packages I've installed have vulnerabilities when running portaudit -Fda I've tried to update the ports tree running cd /usr/ports portsnap update , but it tells me the tree is already up to date. I've also tried removing everything from /usr/ports (even the dot files), and then running portsnap fetch portsnap extract portsnap update portupgrade -a (portsnap update should be redundant, but just to be sure), but nothing is upgraded, and portaudit still complains. What am I doing wrong? Nothing, the ports tree is frozen right know - virtually nothing will be updated until xorg 7.2 gets tested and imported[1]. HTH, Karol [1] you might be interested in this thread: http://lists.freebsd.org/pipermail/freebsd-ports/2007-May/040680.html - -- Karol Kwiatkowski karol.kwiat at gmail dot com OpenPGP 0x06E09309 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGSYPxezeoPAwGIYsRCH6oAJ9suCuSHzDiRE/20Jqj7d2KE90gXQCgncze ErGjnSwJqV3geEHYg8sVGXs= =2yNJ -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can't upgrade ports collection
On 5/15/07, Karol Kwiatkowski [EMAIL PROTECTED] wrote: Victor Engmark wrote: I'm getting reports that some of the packages I've installed have vulnerabilities when running portaudit -Fda I've tried to update the ports tree running cd /usr/ports portsnap update , but it tells me the tree is already up to date. I've also tried removing everything from /usr/ports (even the dot files), and then running portsnap fetch portsnap extract portsnap update portupgrade -a (portsnap update should be redundant, but just to be sure), but nothing is upgraded, and portaudit still complains. What am I doing wrong? Nothing, the ports tree is frozen right know - virtually nothing will be updated until xorg 7.2 gets tested and imported[1]. Cool stuff, but do you recommend I uninstall the problematic packages? Also, aren't security patches normally shipped quickly to the ports tree? -- Victor Engmark Quidquid latine dictum sit, altum videtur - What is said in Latin, sounds profound ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can't upgrade ports collection
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Victor Engmark wrote: On 5/15/07, Karol Kwiatkowski [EMAIL PROTECTED] wrote: Victor Engmark wrote: I'm getting reports that some of the packages I've installed have vulnerabilities when running portaudit -Fda I've tried to update the ports tree running cd /usr/ports portsnap update , but it tells me the tree is already up to date. [...] What am I doing wrong? Nothing, the ports tree is frozen right know - virtually nothing will be updated until xorg 7.2 gets tested and imported[1]. Cool stuff, but do you recommend I uninstall the problematic packages? That depends on lot of factors and, unfortunately, you can only answer yourself. I've got some vulnerable packages on _my desktop_ right now, but that's not a problem for me. YMMV. Another option is to patch ports manually - there's a waiting patch for php5 port for example: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/112527 Also, aren't security patches normally shipped quickly to the ports tree? That depends on the maintainer but usually yes. It's just unfortunate time right now :) Cheers, Karol - -- Karol Kwiatkowski karol.kwiat at gmail dot com OpenPGP 0x06E09309 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGSYgDezeoPAwGIYsRCGS5AJ4rJ/xHNENU8YF7+YzMF/GvLTGu9ACgpuoV 6q7Ur7lVf7tpMSTQLdvFxE0= =PeZY -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]