On 23 January 2012 05:32, Victor Sudakov <[email protected]> wrote: > Hello portmaster users, > > If portaudit shows that some installed packages have vulnerabilities, > what do you usually do? > > Do you upgrade only the vulnerable packages, or vulnerable packages > and dependent packages (portmaster -r), or perhaps all packages > (portmaster -a)? Or do you "pkg_delete -a" all packages first and then > reinstall from scratch (from `portmaster --list-origins` perhaps)? > > I am a bit uneasy about "portmaster -a" because, for example, in the > output below it intends to install a package which is already > installed: > > > pg01-sibptus# portmaster -n -a > ===>>> Gathering distinfo list for installed ports > > [dd] > Upgrade php5-ldap-5.3.5_1 to php5-ldap-5.3.9 > Install net/openldap24-sasl-client > Upgrade postgresql-server-9.0.1 to postgresql-server-9.0.6_3 > Upgrade tcl-8.5.9 to tcl-8.5.11 > Upgrade vim-7.3.81 to vim-7.3.121 > Install devel/gettext > > ===>>> Proceed? y/n [y] n > > ===>>> If you would like to upgrade or install some, but not > all of the above try adding '-i' to the command line. > pg01-sibptus# > pg01-sibptus# > pg01-sibptus# pkg_info -xo openldap > Information for openldap-sasl-client-2.4.24: > > Origin: > net/openldap24-client
As I general rule, I don't run "portmaster -a" Variations on -r usually succeed (-R -r is quite useful), though if it pulls in too many very large dependencies (firefox, chrome, open- or libre-office, most anything KDE/QT), I'll sometimes remove those before starting a "portmaster -R -r" type of run. It does require more typing to hand-specify the ports to be upgraded, but I end up with far fewer "Whoops!" moments. -- -- _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
