Re: ports security branch

2005-12-21 Thread rihad
Imagine: Foo 1.2.3 that was current at the time of FreeBSD 6.0 release gets a severe vuln after some time. Some admins upgrade to the latest and greatest Foo 1.2.9, others to Foo 1.2.7 (probably with not recently updated ports tree)... If 1.2.7 is secure, there is no problem. If 1.2.7 is not,

Re: ports security branch

2005-12-20 Thread Yann Golanski
Quoth rihad on Tue, Dec 20, 2005 at 10:25:59 +0400 Is there a security branch for the FreeBSD ports collection? Let's say, I installed FreeBSD 6.0 together with all needed -RELEASE ports/packages (i.e., those on the CD). Running security/portaudit after a while reveals that some of the

Re: ports security branch

2005-12-20 Thread rihad
Yann Golanski wrote: Quoth rihad on Tue, Dec 20, 2005 at 10:25:59 +0400 Is there a security branch for the FreeBSD ports collection? Let's say, I installed FreeBSD 6.0 together with all needed -RELEASE ports/packages (i.e., those on the CD). Running security/portaudit after a while reveals

Re: ports security branch

2005-12-20 Thread Yann Golanski
Quoth rihad on Tue, Dec 20, 2005 at 14:18:13 +0400 A very interesting script for its own purpose, but I'm afraid this doesn't answer my question at all. Perhaps seeing the way that e.g. Debian deals with the upgrade problem might shed some light on the issue. Hell, FreeBSD does exactly that

Re: ports security branch

2005-12-20 Thread Melvyn Sopacua
On Tuesday 20 December 2005 11:18, rihad wrote: Yann Golanski wrote: Quoth rihad on Tue, Dec 20, 2005 at 10:25:59 +0400 Is there a security branch for the FreeBSD ports collection? Let's say, I installed FreeBSD 6.0 together with all needed -RELEASE ports/packages (i.e., those on the CD).

Re: ports security branch

2005-12-20 Thread Marwan Burelle
On Tue, Dec 20, 2005 at 02:18:13PM +0400, rihad wrote: A very interesting script for its own purpose, but I'm afraid this doesn't answer my question at all. Perhaps seeing the way that e.g. Debian deals with the upgrade problem might shed some light on the issue. Hell, FreeBSD does exactly

Re: ports security branch

2005-12-20 Thread Melvyn Sopacua
On Tuesday 20 December 2005 11:49, Yann Golanski wrote: Quoth Melvyn Sopacua on Tue, Dec 20, 2005 at 11:43:55 +0100 I had one that was safe to run in cron (in fact it ran in periodic/daily), but uses a cvs tree of ports, not cvsup to save time[1]. I lost it with a disk crash, but was going

Re: ports security branch

2005-12-20 Thread Melvyn Sopacua
On Tuesday 20 December 2005 12:03, Marwan Burelle wrote: Relying on the maintainer work is a good starting point, you may trust him for doing only the needed updates for those ports that require security concerns. But even here, major updates of widely used libs imply rebuild of most of the

Re: ports security branch

2005-12-20 Thread Marwan Burelle
On Tue, Dec 20, 2005 at 12:15:30PM +0100, Melvyn Sopacua wrote: On Tuesday 20 December 2005 12:03, Marwan Burelle wrote: Relying on the maintainer work is a good starting point, you may trust him for doing only the needed updates for those ports that require security concerns. But even

Re: ports security branch

2005-12-20 Thread Melvyn Sopacua
On Tuesday 20 December 2005 12:39, Marwan Burelle wrote: The point is not that this is always true, but that you have to handle those kinds of problems if you want to maintain a security branch for ports. The point is, that it is irrelevant. Ports are independent of the base system. There is

Re: ports security branch

2005-12-20 Thread rihad
Marwan Burelle wrote: On Tue, Dec 20, 2005 at 02:18:13PM +0400, rihad wrote: A very interesting script for its own purpose, but I'm afraid this doesn't answer my question at all. Perhaps seeing the way that e.g. Debian deals with the upgrade problem might shed some light on the issue. Hell,

Re: ports security branch

2005-12-20 Thread Melvyn Sopacua
On Tuesday 20 December 2005 13:26, rihad wrote: Imagine: Foo 1.2.3 that was current at the time of FreeBSD 6.0 release gets a severe vuln after some time. Some admins upgrade to the latest and greatest Foo 1.2.9, others to Foo 1.2.7 (probably with not recently updated ports tree)... If

Re: ports security branch

2005-12-20 Thread JoaoBR
On Tuesday 20 December 2005 10:26, rihad wrote: FreeBSD's latest and greatest attitude is very relevant for desktop users and such. I think it would be even better to make security-conscious server admins' lives even better. Put up a box, forget about it, do a major upgrade in a year.

ports security branch

2005-12-19 Thread rihad
Is there a security branch for the FreeBSD ports collection? Let's say, I installed FreeBSD 6.0 together with all needed -RELEASE ports/packages (i.e., those on the CD). Running security/portaudit after a while reveals that some of the installed packages have vulnerabilities. Am I on my own to go

RE: ports security branch

2005-12-19 Thread Rob MacGregor
On Tuesday, December 20, 2005 6:26 AM when we last met our heroes, [EMAIL PROTECTED] was heard to say: Sorry if this is a bit OT. I've already asked this on freebsd-questions@ but they told me there's no such thing at all. And they were correct. The overhead of managing such a thing