----- Original Message ----- From: "Kevin D. Kinsey, DaleCo, S.P." <[EMAIL PROTECTED]> To: "Bart Silverstrim" <[EMAIL PROTECTED]> Cc: "Ioannis Vranos" <[EMAIL PROTECTED]>; "FreeBSD Questions Mailing List" <[EMAIL PROTECTED]> Sent: Monday, March 08, 2004 17:24 Subject: Re: Update utility
> Bart Silverstrim wrote: > > > > > On Mar 8, 2004, at 12:15 PM, Ioannis Vranos wrote: > > > >> Is there any utility in FreeBSD 4.9 to check for possible updates/bug > >> fixes > >> via internet? > >> > > > > I *think* have have kind of a handle on this on the server I just > > installed... > > > > I usually do a cvsup to update the list of the ports tree, then use a > > procedure I picked out of http://www.freebsddiary.org/portupgrade.php > > to update applications with portupgrade. > > > > If anyone else has a method other than this, I'd love to know the > > procedure :-) > > > > This only updates ports. Updating FreeBSD, I don't know of anything > > other than if you find a security advisory, you have to have the src > > tree and patch that portion and recompile whatever had the > > vulnerability, following the advisory instructions. I'm thinking that > > since most daemons/applications are from ports, keeping your ports > > tree updated should limit most remote exploits...I would be interested > > in knowing of a way to check whether the installation of the OS is up > > to date, though. > > > > Colin Percival has done something kinda new > and different (and interesting.....) he calls > "FreeBSD Update". I've not tried it, but IIRC > the details are at http://www.daemonology.net/freebsd-update/ > > HTH, > > Kevin Kinsey > DaleCo, S.P. > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" Hello, Below is from a post to [EMAIL PROTECTED] It sounds like what you're looking for. I haven't tested it yet, but it my list of things to look into. HTH, Steve >On Thu, Mar 04, 2004 at 03:27:17PM +1100, Michael Vince wrote: >> Hi all >> I thought I would let you people know of a script that I coded that >> facilitates security patch updating on FreeBSD. When I wrote it I >> decided to called it Quickpatch for some reason even though because its >> source based its not necessarily the least bit quick at all :) I had >> kept it for my self for a while but I was recently provoked to release >> it as it could do greater good being out there on the net, because its >> in Perl its quite hackable for custom needs. >> >> http://www.roq.com/projects/quickpatch/ >> >> It has the ability to do a range of different update tasks. These >> features include the ability to easily verify (using PGP) any and all >> advisories, easy setup and use of CVSUP for source and ports tree >> updates. Ability to extract all the useful data out of the official >> FreeBSD security advisories, such as necessary patch commands, security >> advisory topic, exact hours since the patch was made/released, then can >> create ready to run patch files or display/email a full report of that >> information. Also, it can optionally apply the patch files with no >> attendance. Because its highly cronable you can schedule in a 'patch >> mode' kernel recompile and reboot at early morning hours to minimize >> down time inconvenience to others. > >Michael, that's terrific! We've contemplated switching to a >machine-readable format for advisories time and again. Now that >there is a tool that could make use of that, I'm going to investigate >switching again. > >Cheers, >-- >Jacques Vidrine / [EMAIL PROTECTED] / [EMAIL PROTECTED] / [EMAIL PROTECTED] >_______________________________________________ >[EMAIL PROTECTED] mailing list > >http://lists.freebsd.org/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to "[EMAIL PROTECTED]" _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
