# Confused on security vs/or application|packages updates



## 8bitGlitch (Sep 3, 2020)

I am a little confused about how to upgrade my FreeBSD system. Due to the latter, I want to make sure what I am doing, or what I have to do.

Base security and kernel updates are done by the following commend:
step 1: _freebsd-update fetch_ //collected all required updates.
step 2: _freebsd-upate install _//installs all the collected items in 'step 1'.


BUT to update ALL installed applications pkg I need to perform the following?

_pkg-static upgrade -f_

Is there a way to find out if a newer version of a package available before installing?


----------



## richardtoohey2 (Sep 3, 2020)

For security-only checks

```
pkg audit -F
```


----------



## a6h (Sep 4, 2020)

freebsd-version(1): `freebsd-version -uk` version and patch level of kernel and userland.
** Unlike uname(1) it can detect an installed new kernel without rebooting.

freebsd-update(8): `freebsd-update fetch install` update kernel and userland
** Then reboot the system or restart services according to the instructions on _new update announcement _(mailed to you or on the website).

pkg-update(8): `pkg update` update local catalogues for packages.
pkg-upgrade(8): `pkg upgrade` check if there's new updates and actually update the packages.
pkg-audit(8): `pkg audit -F` is there any vulnerable packages on your system (regardless there's an update available or not).


----------



## 8bitGlitch (Sep 4, 2020)

vigole said:


> freebsd-version(1): `freebsd-version -uk` version and patch level of kernel and userland.
> ** Unlike uname(1) it can detect an installed new kernel without rebooting.
> 
> freebsd-update(8): `freebsd-update fetch install` update kernel and userland
> ...


Ok, so applications and Kernel/userland are separate functions. That is what I was unsure of, since coming from DNF/YUM land, which updates pretty much everything at once. I am trying to migrate some resource over to BSD due to license, and get away from GPL.

Thank you


----------



## a6h (Sep 4, 2020)

8bitGlitch said:


> Ok, so applications and Kernel/userland are separate functions.


Correct. `pkg info` for packages `freebsd-version -k` for kernel and `freebsd-version -u` for userland.


8bitGlitch said:


> am trying to migrate some resource over to BSD due to license, and get away from GPL.


Doable and best deal ever! glad to hear that.


----------



## rigoletto@ (Sep 4, 2020)

You can have a look on periodic(8), it can check installed packages with know security issues, among many others things...


----------

