FreeBSD漏洞程序升级

原创

passedbylove 2022-08-18 09:36:13 ©著作权

©著作权归作者所有：来自51CTO博客作者passedbylove的原创作品，请联系作者获取转载授权，否则将追究法律责任

freebsd一大特色，可以对已经安装的软件包进行审计，确认是否安全。如下

pkg audit
ruby-2.7.3_2,1 is vulnerable:
  Ruby -- multiple vulnerabilities
  CVE: CVE-2021-32066
  CVE: CVE-2021-31810
  CVE: CVE-2021-31799
  WWW: https://vuxml.FreeBSD.org/freebsd/7ed5779c-e4c7-11eb-91d7-08002728f74c.html

1 problem(s) in 1

笔者当前服务器版本是FreeBSD-11.4RELEASE，截至笔者写本文章之前，还发现curl存在楼的，版本是curl7.78,

升级漏洞办法(curl)

portsnap update
cd /usr/ports/ftp/curl
portmaster -f #弹出很多确认窗口，让你选择是否编译相应依赖的debug库或者examples，一般一路OK就可以
make
make reinstall #安装新版本

ruby升级办法

cd /usr/ports/lang/ruby27
make
make

升级后

pkg upgrade
Updating FreeBSD repository catalogue...
pkg: http://pkg.freebsd.cn/FreeBSD:11:amd64/quarterly/packagesite.pkg: Not Found
FreeBSD repository is up to date.
All repositories are up to date.
Updating database digests format: 100%
Checking for upgrades (11 candidates): 100%
Processing candidates (11 candidates): 100%
Checking integrity... done (0 conflicting)
Your packages are up to date.