Date: Sat, 25 Nov 2017 16:21:17 +0000 From: rplace <rplace@vivaldi.net> To: freebsd-questions@freebsd.org Subject: why pkgs with vulnerabilities =?utf-8?Q?on?= =?utf-8?Q?_quarterly_aren=E2=80=99t?= updated Message-ID: <20171125162116.GA7147@03c0.comcast.net>
next in thread | raw e-mail | index | archive | help
Every day I check pkg audit -F on 11.1 from quarterly, and for like a month it’s listed many xorg-server vulnerabilities. And now it’s listed firefox-esr vulnerabilities for what seems like at least a week. For xorg-server, I see that there’s https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223286 which has drawn zero attention. I see that there are newer versions in latest. How do I tell when issues have fallen between the cracks vs a change deliberately not being brought to quarterly? In cases like this, does it make sense to talk to maintainers, or to one of the pkg/ports lists, or…?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20171125162116.GA7147>