freebsd一大特色,可以对已经安装的软件包进行审计,确认是否安全。如下
pkg audit ruby-2.7.3_2,1 is vulnerable: Ruby -- multiple vulnerabilities CVE: CVE-2021-32066 CVE: CVE-2021-31810 CVE: CVE-2021-31799 WWW: https://vuxml.FreeBSD.org/freebsd/7ed5779c-e4c7-11eb-91d7-08002728f74c.html 1 problem(s) in 1 installed package(s) found.
笔者当前服务器版本是FreeBSD-11.4RELEASE,截至笔者写本文章之前,还发现curl存在楼的,版本是curl7.78,
升级漏洞办法(curl)
portsnap update
cd /usr/ports/ftp/curl
portmaster -f #弹出很多确认窗口,让你选择是否编译相应依赖的debug库或者examples,一般一路OK就可以
make
make reinstall #安装新版本
ruby升级办法
cd /usr/ports/lang/ruby27 make make reinstall
升级后
pkg upgrade Updating FreeBSD repository catalogue... pkg: http://pkg.freebsd.cn/FreeBSD:11:amd64/quarterly/packagesite.pkg: Not Found FreeBSD repository is up to date. All repositories are up to date. Updating database digests format: 100% Checking for upgrades (11 candidates): 100% Processing candidates (11 candidates): 100% Checking integrity... done (0 conflicting) Your packages are up to date.