FreeBSD漏洞程序升级

freebsd一大特色,可以对已经安装的软件包进行审计,确认是否安全。如下

pkg audit
ruby-2.7.3_2,1 is vulnerable:
  Ruby -- multiple vulnerabilities
  CVE: CVE-2021-32066
  CVE: CVE-2021-31810
  CVE: CVE-2021-31799
  WWW: https://vuxml.FreeBSD.org/freebsd/7ed5779c-e4c7-11eb-91d7-08002728f74c.html

1 problem(s) in 1 installed package(s) found.

笔者当前服务器版本是FreeBSD-11.4RELEASE,截至笔者写本文章之前,还发现curl存在楼的,版本是curl7.78,

升级漏洞办法(curl)

portsnap update
cd /usr/ports/ftp/curl
portmaster -f #弹出很多确认窗口,让你选择是否编译相应依赖的debug库或者examples,一般一路OK就可以
make
make reinstall #安装新版本

 ruby升级办法

cd /usr/ports/lang/ruby27
make
make reinstall

 升级后

pkg upgrade
Updating FreeBSD repository catalogue...
pkg: http://pkg.freebsd.cn/FreeBSD:11:amd64/quarterly/packagesite.pkg: Not Found
FreeBSD repository is up to date.
All repositories are up to date.
Updating database digests format: 100%
Checking for upgrades (11 candidates): 100%
Processing candidates (11 candidates): 100%
Checking integrity... done (0 conflicting)
Your packages are up to date.

 

posted on 2021-11-10 18:59  你不知道的浪漫  阅读(121)  评论(0编辑  收藏  举报
Powered by:
博客园
Copyright © 2024 你不知道的浪漫
Powered by .NET 8.0 on Kubernetes