Date: Fri, 30 May 2003 08:24:47 +0900 From: Hye-Shik Chang <perky@fallin.lv> To: Miguel Mendez <flynn@energyhq.es.eu.org> Cc: portmgr@freebsd.org Subject: Re: Apache 2.0 Message-ID: <20030529232447.GA44118@fallin.lv> In-Reply-To: <20030529151643.38ccd4b7.flynn@energyhq.es.eu.org> References: <20030529084853.35ac9c06.flynn@energyhq.es.eu.org> <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAyh5gHFZXek2W21nd08o9XcKAAAAQAAAAnsrBe7k2iECNdjmYDv/J%2BQEAAAAA@freebsdchina.org> <20030529151643.38ccd4b7.flynn@energyhq.es.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--Q68bSM7Ycu6FN28Q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, May 29, 2003 at 03:16:43PM +0200, Miguel Mendez wrote: > On Thu, 29 May 2003 18:04:11 +0800 > "???? Xin LI" <delphij@freebsdchina.org> wrote: >=20 > > Please allow a reasonable time for maintainers and portmgr@ to > > determine whether the port will be upgraded. During a port freeze, it > > usually takes more time to have a port upgraded, even when the update >=20 > Hmm, either you didn't understand what I meant or I wasn't clear enough. > I wasn't, by any means, demanding that this package is updated > immediately. It was simply an honest question: Whether it can be updated > before 5.1 gets out. I'm very aware of the fact that, during a ports > freeze, portmgr@ are the ones to decide if a commit goes in or not. Even > if the port is not updated, I think a message should be added, something > like: >=20 > *************************************************** > Warning: enabling mod_dav may pose a security risk. > *************************************************** Apache 2.0.46 fixed 2 more security bugs; CAN-2003-0134 and CAN-2003-0189. Because apache 2.0.* is a bugfix-only branch nowadays and 2.0.46 has no brand new features than 2.0.45. I see that updating to 2.0.46 before 5.1-RELEASE would be okay. >=20 > And let the admin decide whether she is willing to use it. Marking the > port as FORBIDDEN is not a solution at all, IMHO. >=20 > > I have submitted a patch PR as ports/52768, you may want to access it > > through the web: > > http://www.freebsd.org/cgi/query-pr.cgi?pr=3D52768 >=20 > Thanks, I'll have a look at it. The patch on ports/52768 looks fine except that is malformed and missing diff for pkg-plist. Thank you anyway! :) A fixed patch is available at http://people.freebsd.org/~perky/apache-2.0.4= 6.diff Regards, Hye-Shik =3D) --Q68bSM7Ycu6FN28Q Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+1pa/DWUsWc/bS6QRAuQyAKDSImVhwmi2SaErrR7WYpRx0fe+VwCg2Ho9 URxgj/e1e5suWkGDmRDCb78= =lC+/ -----END PGP SIGNATURE----- --Q68bSM7Ycu6FN28Q--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030529232447.GA44118>