View Single Post
  #1   (View Single Post)  
Old 10th July 2011
albator albator is offline
Shell Scout
 
Join Date: Jul 2011
Posts: 98
Default stable branch - ports security updates

Hi everyone,

Could someone help me to clarify how to apply packages security updates and what is the proper way to do it?

I know I have to go through ports, as there are no packages for stable, the branch I want to follow.

So I got the port tree via Anonymous CVS as explained in the FAQ.

From there the script
Code:
/usr/ports/infrastructure/build/out-of-date
gave me the list of what needed to be updated.

Here are examples of the output :
Code:
...
databases/evolution-data-server #  -> eggdbus-0.6p1
...
www/firefox-i18n,-fr           # mozilla-firefox-3.6.13p3 -> mozilla-firefox-3.6.16
www/mozilla-firefox            # 3.6.13p3 -> 3.6.16
I updated evolution-data-server this way
Code:
# cd /usr/ports/databases/evolution-data-server
# make FORCE_UPDATE=Yes update
Once the build over, running the out-of-date script still shows evolution as candidate for an update even though eggdbus had been updated.

Here is what I did to update Firefox :
Code:
# make FORCE_UPDATE=Yes update
...
Upgrading from mozilla-firefox-3.6.13p3
mozilla-firefox-3.6.13p3->mozilla-firefox-3.6.16 forward dependencies:
| Dependency of firefox-i18n-fr-3.6.13 on mozilla-firefox-3.6.13 doesn't match
NOT MERGING: can't find update for firefox-i18n-fr-3.6.13-> (ok)
Forcing update
mozilla-firefox-3.6.13p3->mozilla-firefox-3.6.16: ok                           
Read shared items: ok                                                          
Look in /usr/local/share/doc/pkg-readmes for extra documentation.              
Couldn't find updates for firefox-i18n-fr-3.6.13
It seems that firefox-i18n was not updated in the port tree so building it fails. So I downloaded the language pack directly from Firefox Modules.

My questions are :

- What should I do for evolution-data-server to be correctly linked to eggdbus-0.6p1 ?

- How come new packages came along while I update ? (CUPS for example in the case of Firefox)

- Is there a way to send the output of the out-of-date script to the update process ?

I tried this

Code:
# pkg_list=$(mktemp)
# /usr/ports/infrastructure/build/out-of-date > $pkg_list
# cd /usr/ports
# SUBDIRLIST=$pkg_list make clean package
but it ended up in installing packages (instead of only building them) even some I hadn't before (qt3, mysql...) and seemed to continue endlessly.


- Last question, I wanted to subscribe to the ports-security list, but there is no activity since 2006. Is there a way to be aware of the availability of updates without updating the port tree and running out-of-date ?

Many thanks.

Last edited by albator; 10th July 2011 at 07:04 PM.
Reply With Quote