I’ve been working on this for a while. [23:18 r730-01 dvl ~] % pkg audit curl-8.4.0 is vulnerable: curl — SOCKS5 heap buffer overflow CVE: CVE-2023-38545 WWW: https://vuxml.FreeBSD.org/freebsd/d6c19e8c-6806-11ee-9464-b42e991fc52e.html 1 problem(s) in 1 installed package(s) found. [23:18 r730-01 dvl ~] % The original vuxml entry got it wrong. This problem was fixed in 8.4.0 A subsequent […]
Got a pkg vuln you can’t get rid of? Read More »
Today I removed and added the same package. The add failed. Background: I install from my own custom package repo server I do not install from the FreeBSD package servers My packages are built via poudriere The same basic repo configuration file has been in use for years This is what I just encountered: [tallboy
pkg: No SRV record found for the repo ‘local’ Read More »
In this post, I will talk about how I modified my pkg configuration so I don’t have to modify it after upgrading a host/jail from one version of FreeBSD to another. You might say that you don’t have to do that. Perhaps you have a different configuration and aren’t doing what I’m doing. HEADS UP:
Making my pkg.conf configuration version independent Read More »
When you install a package, you want to know it’s still around to reinstall. You’ve probably never given this much thought. Neither had I, until I read this post on Reddit. In my case, I run my own poudriere server which allows me to run my own package server. Why run your own package server?
Are all installed packages available for reinstall? Read More »
Mark Felder and I have been working on a minimalist set of jail scripts for creating and updating jails. All jail management is accomplished via standard vanilla FreeBSD jails. No jail managers are involved. Everything goes through jail.conf. In this post: FreeBSD 13.0 host, recently update from FreeBSD 12.2 FreeBSD 12.s jail on that host,
Upgrading a FreeBSD 12.2 jail to FreeBSD 13 using mkjail Read More »
I have a few development jails dedicated to my work on FreshPorts. It’s been a hobby of mine since the late 1990s. The code I create gets packaged, ready to deploy onto the test, stage, and production hosts. What I absolutely do not want to happen, and it’s happened recently, is for those packages to
Preventing a given package from being installed Read More »
You’ve seen it. A package gets installed. Some shell scripts are included. They get modified. It happens. But how do you know what has changed? I know there is a tool in pkg for this. I know there is a periodic script which uses it. Let’s go looking. In this post: FreeBSD 12.1 periodic $
What files installed by this package have been modified post-install? Read More »