From owner-cvs-ports@FreeBSD.ORG Fri Mar 4 11:30:11 2011 Return-Path: Delivered-To: cvs-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 64DDA106564A; Fri, 4 Mar 2011 11:30:11 +0000 (UTC) (envelope-from bsam@ipt.ru) Received: from services.ipt.ru (services.ipt.ru [194.62.233.110]) by mx1.freebsd.org (Postfix) with ESMTP id 1795A8FC15; Fri, 4 Mar 2011 11:30:10 +0000 (UTC) Received: from gate.ipt.ru ([194.62.233.123] helo=h30.sp.ipt.ru) by services.ipt.ru with esmtps (TLSv1:AES128-SHA:128) (Exim 4.54 (FreeBSD)) id 1PvTCz-000EUd-Qs; Fri, 04 Mar 2011 14:30:09 +0300 From: Boris Samorodov To: wen heping References: <69590488@h30.sp.ipt.ru> <20110304100917.GA56262@FreeBSD.org> Date: Fri, 04 Mar 2011 14:30:09 +0300 In-Reply-To: (wen heping's message of "Fri, 4 Mar 2011 19:07:27 +0800") Message-ID: <91031918@h30.sp.ipt.ru> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.2 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Wen Heping , cvs-ports@freebsd.org, Alexey Dokuchaev , cvs-all@freebsd.org, ports-committers@freebsd.org Subject: Re: cvs commit: ports/graphics/eog-plugins Makefile ports/graphics/shotwell Makefile ports/graphics/ethumb Makefile ports/multimedia/dvdstyler Makefile ports/multimedia/mlt Makefile ports/net/mediatomb Makefile ports/net/minidlna Makefile ports/sysut X-BeenThere: cvs-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Mar 2011 11:30:11 -0000 On Fri, 4 Mar 2011 19:07:27 +0800 wen heping wrote: > Also libexif.12.so did not change the shlib version, I knew from upstream > this is a security update , Good, but that is the main purpose of PORTREVISION -- force updating of the port. Bad, because: . you didn't update our security database (security/vuxml); . you said nothing about security updates at the commit log. > so I think there should be something changed > in the shlib. Sure, the library was changed. But we are talking about the shlib *number*. > I think it is safe and worthy to force all the user rebuild their > package which depend on libexif. Seems you don't understand why a PORTREVISION (hence a dependent ports rebuilding) is needed. Look: ----- % ldd `which zsh` /usr/local/bin/zsh: libiconv.so.3 => /usr/local/lib/libiconv.so.3 (0x28110000) libncursesw.so.8 => /lib/libncursesw.so.8 (0x28206000) libm.so.5 => /lib/libm.so.5 (0x2824c000) libc.so.7 => /lib/libc.so.7 (0x28265000) % ----- Zsh LIB_DEPENDS upon (in port's Makefile terms) iconv.3. When a new version of libiconv with a shlib bump appears and is installed, the system has libiconv.so.4 library (I'm not speaking about compat here). The shell becomes useless -- it won't run. To prevent this the PORTREVISION of shells/zsh should be bumped. But if a new libiconv library (say, with a security fix) is installed, then *nothing* should be done with shells/zsh! The latter just use the new library. -- WBR, bsam