From owner-freebsd-questions@FreeBSD.ORG Fri Oct 22 13:51:01 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D991116A4CE for ; Fri, 22 Oct 2004 13:51:01 +0000 (GMT) Received: from hotmail.com (bay8-f48.bay8.hotmail.com [64.4.27.48]) by mx1.FreeBSD.org (Postfix) with ESMTP id C706043D1D for ; Fri, 22 Oct 2004 13:51:01 +0000 (GMT) (envelope-from threeknucklesdeep@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Fri, 22 Oct 2004 06:51:01 -0700 Received: from 209.240.79.128 by by8fd.bay8.hotmail.msn.com with HTTP; Fri, 22 Oct 2004 13:50:13 GMT X-Originating-IP: [209.240.79.128] X-Originating-Email: [threeknucklesdeep@hotmail.com] X-Sender: threeknucklesdeep@hotmail.com From: "Randall Foster" To: freebsd-questions@FreeBSD.org Date: Fri, 22 Oct 2004 06:50:13 -0700 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 22 Oct 2004 13:51:01.0401 (UTC) FILETIME=[2A844090:01C4B83E] Subject: interim port versions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Oct 2004 13:51:02 -0000 I'm new to the bsd's, came from linux and i'm having a bit of difficulty figuring out the general philosophy. One of the major reasons that i decided to try out the 'bsds' is because of the security. I'm having a hard time however figuring out how security issues in the ports get dealt with when there is a port freeze, like now. The best example i can think of is gaim...(i almost didn't recheck the port on the 4.10 tree, it's now mysteriously up to date, phew.) ......slightly altered next paragraph.... lets say i found out there is a msn slp buffer overflow (like currently) and i wanted to protect myself....so i cvsuped my ports tree and then wanted to portupgrade....... problem is...since it's a port freeze...up until a few days ago it's still at 0.82 not the 1.02 that is out now, I watched it and never saw version 1.00 or 1.01. Are the ports frozen _except_for_security_fixes or am i missing something. I looked around on the lists for this but didn't see it and it seems like a fairly big deal if security issues arise during a freeze. Thanks in advance, Randall _________________________________________________________________ Don’t just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/