Confused on security vs/or application|packages updates

[8bitGlitch]

I am a little confused about how to upgrade my FreeBSD system. Due to the latter, I want to make sure what I am doing, or what I have to do.

Base security and kernel updates are done by the following commend:
step 1: freebsd-update fetch //collected all required updates.
step 2: freebsd-upate install //installs all the collected items in 'step 1'.


BUT to update ALL installed applications pkg I need to perform the following?

pkg-static upgrade -f

Is there a way to find out if a newer version of a package available before installing?

 

[richardtoohey2]

For security-only checks

pkg audit -F

 

[a6h]

freebsd-version(1): freebsd-version -uk version and patch level of kernel and userland.
** Unlike uname(1) it can detect an installed new kernel without rebooting.

freebsd-update(8): freebsd-update fetch install update kernel and userland
** Then reboot the system or restart services according to the instructions on new update announcement (mailed to you or on the website).

pkg-update(8): pkg update update local catalogues for packages.
pkg-upgrade(8): pkg upgrade check if there's new updates and actually update the packages.
pkg-audit(8): pkg audit -F is there any vulnerable packages on your system (regardless there's an update available or not).

 

[8bitGlitch]

freebsd-version(1): freebsd-version -uk version and patch level of kernel and userland.
** Unlike uname(1) it can detect an installed new kernel without rebooting.

freebsd-update(8): freebsd-update fetch install update kernel and userland
** Then reboot the system or restart services according to the instructions on new update announcement (mailed to you or on the website).

pkg-update(8): pkg update update local catalogues for packages.
pkg-upgrade(8): pkg upgrade check if there's new updates and actually update the packages.
pkg-audit(8): pkg audit -F is there any vulnerable packages on your system (regardless there's an update available or not).

Ok, so applications and Kernel/userland are separate functions. That is what I was unsure of, since coming from DNF/YUM land, which updates pretty much everything at once. I am trying to migrate some resource over to BSD due to license, and get away from GPL.

Thank you

 

[a6h]

Ok, so applications and Kernel/userland are separate functions.

Correct. pkg info for packages freebsd-version -k for kernel and freebsd-version -u for userland.

am trying to migrate some resource over to BSD due to license, and get away from GPL.

Doable and best deal ever! glad to hear that.

 

[rigoletto@]

You can have a look on periodic(8), it can check installed packages with know security issues, among many others things...