Honestly, I am not sure I have the time and my clients aren't willing to analyze each of these reports to figure out which is important or not. In addition, I look at: http://secunia.com/advisories/56670/
and it asks for me to login/signup, which I am not interesting in doing either. Is it possible to install+bootstrap these pkgsrc packages into a directory other than /opt/pkg? (will things break, e.g. SMF manifests) One way I think might help with upgrades if I can run multiple pkgsrc in a single zone? Something like: /data/2014Q1 /data/2014Q2 /opt/pkg -> /data/2014Q1 Perhaps then we could migrate from one set to another easily otherwise having to re-provision means that kind of requires a ton of other steps. Anyhow, thanks for responding! I appreciate the efforts being put into this currently. On Jun 26, 2014, at 1:29 PM, Jonathan Perkin <[email protected]> wrote: > * On 2014-06-26 at 18:47 BST, Anil Jangity wrote: > >>> Even with an LTS release you will see lots of vulnerability >>> reports, by the very nature of running older versions you will >>> often end up with an unsupported release of software where >>> upstream don't care about back-porting fixes and will expect you >>> to update to the latest, which will not be possible in an LTS >>> release. >> >> Yup, understood. But what I would like to know which of these >> vulnerabilities are critical. Not all vulnerabilities are the same. > > That is why we include the URL to the advisory, so you can make that > judgement, as even vulnerabilities of the same type may not have the > same impact, and it will depend on your local setup and configuration. > > Though you are probably safe treating all remote-root-shell as > critical ;) > >> What exactly are the -t type options to pkg_admin audit? > > There are lots (283 currently), and there is no central list that I'm > aware of, so I'm not sure that this option adds a lot of value. > > -- > Jonathan Perkin - Joyent, Inc. - www.joyent.com ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
