On Sat, Mar 27, 2004 at 06:15:08PM +0000, slimmy baddog wrote:
> I am new to FreeBSD and i wanted to ask something since systems security is
> what interests me the most.
>
> Does freebsd have an automated update system like redhat has ?
It's not quite like the way RedHat does things. Under FreeBSD, there
is a clear distinction between the system and 3rd party packages/ports.
You can use cvsup(1) to synchronise your copy of the system sources
with the latest available from FreeBSD -- if you track the RELENG_4_9
branch the only changes you'll get are security patches.
See the handbook for an explanation of how all this works:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvs-tags.html
If you want a binary update system, see:
http://www.daemonology.net/freebsd-update/
This is still in development and hasn't received the official FreeBSD
imprimatur quite yet (but surely it's only a matter of time). Install
the security/freebsd-update port to get started with this.
The ports tree is developed separately from the base system, and
there's only the one branch that you can track via cvsup(1). Install
portupgrade(1) for a useful tool to keep ports up to date. The
security/portaudit port will get you a dynamically updated
vulnerability database which will warn you of any problems with the
port versions you have installed.
> Also where can i find a list with patches for all local - remote holes and
> bugs of FreeBSD 4.9 ?
Start here:
http://www.freebsd.org/security/
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :
http://lists.freebsd.org/pipermail/freebsd-security/attachments/20040327/4bac0bb7/attachment.bin