A question about Security Advisories
tech-lists
tech-lists at zyxst.net
Thu Sep 3 12:16:26 UTC 2020
Hi,
On Tue, Aug 11, 2020 at 10:21:07AM +0300, Oleksandr Kryvulia wrote:
>
> Hi,
>Last years all Security Advisories regarding base system in the "update
>your vulnerable system via a source code patch " section recommends to
>rebuild a whole world instead of an affected part of a base system. This
>is in a most cases an overhead.
>
>For example 9 years old SA-11:04 [1] offers:
>
>b) Execute the following commands as root:
>
># cd /usr/src
># patch < /path/to/patch
># cd /usr/src/usr.bin/compress
># make obj && make depend && make && make install
># cd /usr/src/usr.bin/gzip
># make obj && make depend && make && make install
>
>What is a reason we stop to do it? I understand that the preferred way
>now is a binary upgrade.
+1 I've been wondering this as well. What is the reason for it?
--
J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20200903/9c7f7c81/attachment.sig>
More information about the freebsd-security
mailing list