Skip site navigation (1)Skip section navigation (2) 
Date:      9 Nov 2003 15:51:34 -0000
From:      Colin Percival <cperciva@daemonology.net>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/59084: [MAINTAINER UPDATE] security/freebsd-update
Message-ID:  <20031109155134.66938.qmail@beastie.daemonology.net>
Resent-Message-ID: <200311091620.hA9GKEpA080667@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         59084
>Category:       ports
>Synopsis:       [MAINTAINER UPDATE] security/freebsd-update
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Sun Nov 09 08:20:13 PST 2003
>Closed-Date:
>Last-Modified:
>Originator:     Colin Percival
>Release:        FreeBSD 4.7-SECURITY i386
>Organization:
>Environment:
>Description:

I haven't tested FreeBSD Update's RSA code on non-i386 platforms, and I 
don't want people relying upon this until I've had a chance to do that 
testing.  Since nobody (AFAIK) is building binary updates for use with 
FreeBSD Update on non-i386 platforms, this shouldn't inconvenience anyone.

Also, add a note reminding people not to touch this port.

>How-To-Repeat:
>Fix:

--- freebsd-update.diff.5 begins here ---
diff -ruN security/freebsd-update.orig/Makefile security/freebsd-update/Makefile
--- security/freebsd-update.orig/Makefile	Wed Oct 15 08:20:24 2003
+++ security/freebsd-update/Makefile	Sun Nov  9 15:34:32 2003
@@ -10,8 +10,17 @@
 CATEGORIES=	security
 MASTER_SITES=	http://www.daemonology.net/freebsd-update/
 
+# This is a critical security port.  If it breaks, Bad Things will happen.
+# Under no circumstances should this port ever be modified without approval
+# from the maintainer or security-officer, even for "cosmetic" fixes.
+
 MAINTAINER=	cperciva@daemonology.net
 COMMENT=	Fetches and installs binary updates to FreeBSD
+
+# The RSA code has only been tested on i386; I don't *think* there are
+# any word-size or endian issues, but I'm not sure.  Since nobody is 
+# building updates for non-i386 platforms anyway, this won't hurt anyone.
+ONLY_FOR_ARCHS=	i386
 
 RUN_DEPENDS=	bspatch:${PORTSDIR}/misc/bsdiff
 
--- freebsd-update.diff.5 ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031109155134.66938.qmail>