freebsd stable - Dec 2004 - PHP vulnerability and portupgrade

Hello,

Due to the recently discovered vulnerability in PHP versions older than 
4.3.10 and 5.0.3, I decided to take a look at portupgrade to see if it is a 
good way to keep the ports collection up-to-date with respect to security 
issues. I ran cvsup on the security branch (tag=RELENG_5_3), then portsdb 
-Uu. However, portupgrade didn't find any ports that needed an upgrade.

Am I doing something wrong or is portupgrade not the best tool to keep up 
with security advisories in ports?

Thank you for your help :-)

> Hello,
> 
> Due to the recently discovered vulnerability in PHP versions older than 
> 4.3.10 and 5.0.3, I decided to take a look at portupgrade to see if it is a
> good way to keep the ports collection up-to-date with respect to security 
> issues. I ran cvsup on the security branch (tag=RELENG_5_3), then portsdb 
> -Uu. However, portupgrade didn't find any ports that needed an upgrade.
> 
> Am I doing something wrong or is portupgrade not the best tool to keep up 
> with security advisories in ports?
	cvsup of ports does not use tag=RELENG_5_3.

	e.g.
		*default  host=cvsup.FreeBSD.org
		*default  base=/usr
		*default  prefix=/usr
		*default  release=cvs
		*default  delete use-rel-suffix
		*default  tag=.
		ports-all

	Use portaudit to track security issues in ports.

	
> Thank you for your help :-)
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to
"freebsd-stable-unsubscribe@freebsd.org"
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews@isc.org