Date: Mon, 20 Oct 2014 06:29:39 +0200 From: Martin Hanson <greencoppermine@yandex.com> To: "freebsd-pkg@freebsd.org" <freebsd-pkg@freebsd.org> Subject: We need much better security updates for packages Message-ID: <821921413779379@web13m.yandex.ru>
next in thread | raw e-mail | index | archive | help
Hi This is a suggestion. If "pkg" is going to be any good, meaning as a real replacement for always compiling from ports, I think it is really important that we move away from a fixed weekly build when important security upgrades are pending. We cannot wait week or more for the official repos when an important security upgrade is pending. Sure for some small packages it is no problem compiling them from ports, but that really beats the whole purpose of "pkg". Working also with Debian I believe we could perhaps "adopt" some of the ways they deal with these issues. I am not sure how it works at FreeBSD, but I suggest making some kind of security package build team that, when an important security upgrades arises, quickly upgrades the relevant packages. Or this could even be automatized perhaps? Kind regards.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?821921413779379>