Date: Tue, 20 Dec 2005 13:21:13 +0100 From: Melvyn Sopacua <freebsd.stable@melvyn.homeunix.org> To: freebsd-stable@freebsd.org Subject: Re: ports security branch Message-ID: <200512201321.13197.freebsd.stable@melvyn.homeunix.org> In-Reply-To: <20051220113907.GB66112@melkor.kh405.net> References: <43A7A3F7.7060500@mail.ru> <200512201215.30165.freebsd.stable@melvyn.homeunix.org> <20051220113907.GB66112@melkor.kh405.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 20 December 2005 12:39, Marwan Burelle wrote: > The point is not that this is always true, but that you have to handle > those kinds of problems if you want to maintain a security branch for > ports. The point is, that it is irrelevant. Ports are independant of the base system. There is no need for a security branch of the ports tree. The ports that rely on specifics in the base system, handle it themselves via BROKEN, FreeBSD_version and friends. The ports tree is only tagged for a specific release, so that release cdroms can be made. The only thing that makes sense is pre-compiled packages being updated for security branches of the base system - but, that is only worth-while if there's a large enough userbase that has an /etc/make.conf without NO_ flags. Since for example I have no need for Kerberos, I cannot use the FreeBSD provided packages for the ones that make sense, as they all link libgssapi (subversion pulls it in through www/neon, smbclient because of ports/90238 and thus kde*). -- Melvyn Sopacua freebsd.stable@melvyn.homeunix.org FreeBSD 6.0-STABLE Qt: 3.3.5 KDE: 3.4.3
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200512201321.13197.freebsd.stable>