No. Unless security does not matter for you at all.mveety said:They are.hashime said:It's an argument for properly maintaining the FreeBSD's binary repositories.
Still no Bash update. Not even by now.
No. Unless security does not matter for you at all.mveety said:They are.hashime said:It's an argument for properly maintaining the FreeBSD's binary repositories.
Look, they're updated weekly. If you *NEED* the most bleeding edge code or some security update that isn't built yet then go with ports. We don't do things like the linux people. If you want to use BSD you need to get used to that fact. Binary packages are a luxury, you're not entitled to them.hashime said:No. Unless security does not matter for you at all.mveety said:They are.hashime said:It's an argument for properly maintaining the FreeBSD's binary repositories.
Still no Bash update. Not even by now.
mveety said:Binary packages are a luxury, you're not entitled to them.
What is “wow” is realising that people using a free OS developed by volunteers feel entitled to *something*. It’s better for me to stop here.AzaShog said:mveety said:Binary packages are a luxury, you're not entitled to them.
Wow, reading this in 2014 is... just.... wow!
mveety said:Look, they're updated weekly. If you *NEED* the most bleeding edge code or some security update that isn't built yet then go with ports. We don't do things like the linux people. If you want to use BSD you need to get used to that fact. Binary packages are a luxury, you're not entitled to them.
Juanitou said:What is “wow” is realising that people using a free OS developed by volunteers feel entitled to *something*. It’s better for me to stop here.
Sorry, but I cannot agree: bash is not part of the FreeBSD OS. If it were, as recent history shows, you would have got a binary update through freebsd-update within hours. If a FreeBSD box is compromised today by third-party software, only the person managing it is to be blamed, waiting for somebody else to provide an updated binary package instead of using the port, which has been updated almost always by some unpaid volunteer. Sure, quickly providing security updates for packages of third-party software would be nice, but with the limited resources of the FreeBSD environment it seems not possible right now. Let’s donate some money, time or knowledge to try to improve this.hashime said:Do it right, or don't do it at all. Doing it half leads to frustrated user and insecure FreeBSD boxes and i think no one likes that, that is something we can all agree on i hope?
There are 2 options here
a) discourage the use of binary packages or tell people that using FreeBSD's binary package system is highly insecure. Its 48h+ after the exploit hit and no security fix yet, that's clearly not OK. It is was Microsoft does.
b) Building once a week is fine, but in cases of sever remote exploits rebuild the package in question ASAP.
alexus said:I'm using FreeBSD-9.1-p5.
pkg upgrade bash
:
pkg install bash
pkg upgrade
is used to upgrade all installed packages, not single packages.pkg upgrade is used to upgrade all installed packages, not single packages.
pkg upgrade [--{force,no-install-scripts,dry-run,fetch-only}]
[--{quiet,no-repo-update,yes}] [--repository reponame]
[--{case-sensitive,glob,case-insensitive,regex}]
[<pkg-origin|pkg-name|pkg-name-version> ...]
DESCRIPTION
pkg upgrade is used for upgrading packaged software distributions.
pkg upgrade compares the versions of all or specific packages installed
on the system to what is available in the configured package reposito-
ries.
phoenix said:That command is incorrect. The correct command ispkg install bash
pkg upgrade
is used to upgrade all installed packages, not single packages.
pkg install bash
which would have only upgraded bash and is a bit counter-intuitive. pkg upgrade
seems to work fine for a single package, does that mean that FreeBSD bug #334: pkg upgrade cannot upgrade a single package is no longer accurate?junovitch said:phoenix said:That command is incorrect. The correct command ispkg install bash
pkg upgrade
is used to upgrade all installed packages, not single packages.
Actually it's a new feature with 1.3.x. Before you would have had to do apkg install bash
which would have only upgraded bash and is a bit counter-intuitive.