Language Selection

English French German Italian Portuguese Spanish

The (bad) deal with freebsd-update(8)

Filed under
BSD

The binary patches are quite a mysterious issue in FreeBSD, no matter freebsd-update( 8 ) is around since about 2005, and since FreeBSD 6.3-RELEASE it reached a new level of power. As I have had quarrels with FreeBSD aficionados on the issue of binary patches in FreeBSD, I thought I should clear a bit the mess.

Not only proprietary or closed-source operating systems come with binary security updates, but each and every Linux distribution which is supported by the issuer is provided with patched binaries when a security issue is identified and a solution is found. Unless you're running a source distribution (LFS, Gentoo, etc.), why would you prefer to build yourself from sources a patched binary, when an officially patched package can be made available? This one, the new package is only build once, not millions of times!

All the BSD flavors favor the source patches. When a security advisory is issued, you're supposed to apply the source patch and to rebuild the corresponding binary. Most people never considered this process as a bothersome one, as in real life, there is another issue taking even more time: rebuilding the vulnerable ports (when updated packages are not available).

More Here




More in Tux Machines

today's howtos

6-Way Enterprise Focused Linux Distribution Comparison With An Intel Core i9, Dual Xeon Gold Systems

Here's our latest Linux distribution comparison with this time looking at the out-of-the-box performance of six Linux distributions while running a range of enterprise/workstation-focused benchmarks while using two systems. One system is a high-end Core i9 7980XE desktop system and the other a Tyan 1U Xeon Scalable server with dual Xeon Gold 6138 processors. Read more

Security: FOSS Versus Windows

Linux/Android hacker SBC with hexa-core Rockchip SoC debuts at $75

The Vamrs “RK3399 Sapphire” SBC is on sale for $75, or $349 for a full kit. Vamrs is also prepping an RK3399-based “Rock960” 96Boards SBC. Rockchip’s RK3399 is one of the most powerful ARM-based system-on-chips available on hacker boards, featuring two server-class Cortex-A72 cores clocked to up to 2.0GHz, as well as four Cortex-A53 at up to 1.42GHz and a quad-core Mali-T864 GPU. The hexa-core SoC has appeared on T-Firefly’s Firefly-RK3399 SBC and RK3399 Coreboard computer-on-module, as well as Videostrong’s VS-RD-RK3399 SBC and Theobroma’s RK3399-Q7 Qseven module. Now we have a new contender: Shenzhen based Vamrs, which built the limited edition Rockchip RK3399 Sapphire SBC as the official RK3399 dev board for Rockchip, is now re-launching the board, which features a 40-pin Raspberry Pi compatible connector, with “many in stock” for a discounted price of $75. Read more