Date: Thu, 28 Aug 2003 13:22:01 -0700 From: Colin Percival <colin.percival@wadham.ox.ac.uk> To: Brett Glass <brett@lariat.org>, stable@freebsd.org Subject: Re: Need to build some systems this week. Snapshots? Message-ID: <5.0.2.1.1.20030828130814.01c6dfd8@popserver.sfu.ca> In-Reply-To: <4.3.2.7.2.20030828133145.0313d860@localhost> References: <5.0.2.1.1.20030828110441.02d9f580@popserver.sfu.ca> <4.3.2.7.2.20030828120019.0324b6a0@localhost> <5.0.2.1.1.20030828103403.02d683a8@popserver.sfu.ca> <200308280638.AAA19221@lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 13:54 28/08/2003 -0600, Brett Glass wrote:
>What does one do about packages and ports? It appears that the binary
>packages on the FreeBSD servers are never updated between releases...
>which means that if a bug is in a package or is compiled into a package
>(as with the realpath problem), the FreeBSD servers keep sending out
>exploitable copies of that package indefinitely. The situation with ports
>is a bit better, but how does one know which ones to recompile and
>reinstall? Does your update system handle this situation and/or warn about it?
FreeBSD Update only concerns itself with the base FreeBSD distribution
-- I simply don't have the resources to build any more than that. However,
one simple approach to the ports problem would be to
# find /usr/local/ -perm +111 -type f -exec file {} \; | grep
"statically linked" | cut -f 1 -d ':'
and rebuild the applicable ports. Now that I think about it, I might add
some sort of functionality like that (providing a listing of ports which
need to be rebuilt) into a future version of FreeBSD Update.
Colin Percival
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.0.2.1.1.20030828130814.01c6dfd8>