Re: PHP 4.1.2

From: Christopher Schulte (schulte+freebsd@nospam.schulte.org)
Date: 03/12/02


Date: Tue, 12 Mar 2002 16:34:50 -0600
To: batz <batsy@vapour.net>, Christopher Schulte <schulte+freebsd@nospam.schulte.org>
From: Christopher Schulte <schulte+freebsd@nospam.schulte.org>

At 05:04 PM 3/12/2002 -0500, batz wrote:
>By what you are saying, I can infer that RELENG_4_X also includes security
>fixes in ports which I can cvsup on a daily basis, and by doing this, fix
>any ports which have been declared vulnerable. I should further be able
>to automaticly upgrade any ports which use the vulnerable one as a
>dependency, by cvsup'ing RELENG_4_X.

The ports live on their own cvs island, there is no RELENG_ANYTHING
associated with them. The combined tree is maintained separately from the
source code of the actual Operating System and bundled applications.

Check out the supfile samples in /usr/share/examples/cvsup/ :

###############################################################################
#
# DANGER! WARNING! LOOK OUT! VORSICHT!
#
# If you add any of the ports collections to this file, be sure to
# specify them like this:
#
# ports-all tag=.
#
# If you leave out the "tag=." portion, CVSup will delete all of
# the files in your ports tree. That is because the ports collections
# do not use the same tags as the main part of the FreeBSD source tree.
#
###############################################################################

Just cvsup your ports tree daily, you'll pick up the new ports as the
maintainers fix/add them. You can then opt to reinstall ports already in
use on your system. If it's a new port install, you'll get the newest and
greatest automatically. /usr/ports/sysutils/portupgrade is great for
keeping track of this kind of thing.

I hope that sheds some light.

Followups might be appropriate to -questions...

>--
>batz

--
Christopher Schulte
http://www.schulte.org/
Do not un-munge my @nospam.schulte.org
email address.  This address is valid.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message


Relevant Pages

  • Re: cvsup: local
    ... To run cvsupd, you need the whole cvs tree for the collections you're ... would probably be to cvsup the changes to ... then NFS-mount that machine's ports tree from the ... and i got some thing quite similar to ports tree indeed. ...
    (freebsd-questions)
  • Re: cvsup: local
    ... any helps and hints in setting cvsup server would highly be appreciated. ... To run cvsupd, you need the whole cvs tree for the collections you're ... then NFS-mount that machine's ports tree from the ... and i got some thing quite similar to ports tree indeed. ...
    (freebsd-questions)
  • Re: Very Beginning CVSup Questions
    ... track -STABLE once I get the hang of CVSup, make buildworld, etc. ... "ports compiled on earlier builds should work in later builds". ... seconds to fetch and apply 169 patches: ... | Fetching snapshot tag from portsnap1.FreeBSD.org... ...
    (freebsd-questions)
  • Re: php 4.3.10, manual installation
    ... was in ports, then roll back your ports tree to that date ... so if you roll back the ports tree to April 1 ... You'll need cvsup for this. ... if you want to install the versions of the ...
    (freebsd-questions)
  • Re: make index
    ... > The index is a list of all of the ports, what each port depends on, ... you'll get a freshly built index file included ... > during the previous cvsup session (or however you choose to upgrade ... Kent Stewart ...
    (freebsd-questions)