Date: Wed, 22 Dec 2004 12:06:19 +1100 From: Mark Andrews <Mark_Andrews@isc.org> To: Ladislav Bodnar <distro.watch@msa.hinet.net> Cc: stable@freebsd.org Subject: Re: PHP vulnerability and portupgrade Message-ID: <200412220106.iBM16JlF080958@drugs.dv.isc.org> In-Reply-To: Your message of "Wed, 22 Dec 2004 08:55:07 %2B0800." <200412220855.07654.distro.watch@msa.hinet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Hello, > > Due to the recently discovered vulnerability in PHP versions older than > 4.3.10 and 5.0.3, I decided to take a look at portupgrade to see if it is a > good way to keep the ports collection up-to-date with respect to security > issues. I ran cvsup on the security branch (tag=RELENG_5_3), then portsdb > -Uu. However, portupgrade didn't find any ports that needed an upgrade. > > Am I doing something wrong or is portupgrade not the best tool to keep up > with security advisories in ports? cvsup of ports does not use tag=RELENG_5_3. e.g. *default host=cvsup.FreeBSD.org *default base=/usr *default prefix=/usr *default release=cvs *default delete use-rel-suffix *default tag=. ports-all Use portaudit to track security issues in ports. > Thank you for your help :-) > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200412220106.iBM16JlF080958>