Date: Mon, 22 May 2006 12:02:14 +0200 From: Matthias Andree <matthias.andree@gmx.de> To: freebsd-stable@freebsd.org Subject: Re: FreeBSD Security Survey Message-ID: <m3odxqcr89.fsf@merlin.emma.line.org> In-Reply-To: <44714FBB.4000603@samsco.org> (Scott Long's message of "Sun, 21 May 2006 23:44:27 -0600") References: <4471361B.5060208@freebsd.org> <20060521231657.O6063@abigail.angeltread.org> <44714FBB.4000603@samsco.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Scott Long <scottl@samsco.org> writes: > I share this frustration with you. I was once told that the pain in > upgrading is due largely to a somewhat invisible difference between > installing a pre-compiled package, and building+installing a port. In > theory, if you stick to one method or the other, things will stay mostly > consistent. But if you mix them, and particularly if you update the > ports tree in the process, the end result is a bit more undefined. One > thing that I wish for is that the ports tree would branch for releases, > and that those branches would get security updates. I know that this > would involve an exponentially larger amount of effort from the ports > team, and I don't fault them for not doing it. Still, it would be nice > to have. Speaking as a port maintainer, if these branches would allow to just "MFC" updates from HEAD that are proven and meet dependency requirements for the new version, I think I'd be able to handle this. The major ports for concern I maintain (db3* db4*) have forked minor versions for compatibility anyways. If it's a "bugfix only" policy that may involve ripping out the minimum fix out of a larger patch set, it'll pretty much be a non-starter for me unless someone funds that work. -- Matthias Andree
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m3odxqcr89.fsf>