From owner-freebsd-stable@FreeBSD.ORG  Tue Dec 20 12:40:42 2005
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id F2B3316A41F
	for <freebsd-stable@freebsd.org>; Tue, 20 Dec 2005 12:40:41 +0000 (GMT)
	(envelope-from freebsd.stable@melvyn.homeunix.org)
Received: from sarevok.lan.melvyn.homeunix.org (i153153.upc-i.chello.nl
	[62.195.153.153])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 914D243D5F
	for <freebsd-stable@freebsd.org>; Tue, 20 Dec 2005 12:40:41 +0000 (GMT)
	(envelope-from freebsd.stable@melvyn.homeunix.org)
Received: by sarevok.lan.melvyn.homeunix.org (Postfix, from userid 100)
	id 9F0CE11454; Tue, 20 Dec 2005 13:40:40 +0100 (CET)
From: Melvyn Sopacua <freebsd.stable@melvyn.homeunix.org>
To: freebsd-stable@freebsd.org
Date: Tue, 20 Dec 2005 13:40:40 +0100
User-Agent: KMail/1.8.3
References: <43A7A3F7.7060500@mail.ru>
	<20051220110315.GA66112@melkor.kh405.net>
	<43A7F875.4010903@mail.ru>
In-Reply-To: <43A7F875.4010903@mail.ru>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200512201340.40480.freebsd.stable@melvyn.homeunix.org>
Subject: Re: ports security branch
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Dec 2005 12:40:42 -0000

On Tuesday 20 December 2005 13:26, rihad wrote:

> Imagine: Foo 1.2.3 that 
> was current at the time of FreeBSD 6.0 release gets a severe vuln after
> some time. Some admins upgrade to the latest and greatest Foo 1.2.9,
> others to Foo 1.2.7 (probably with not recently updated ports tree)...

If 1.2.7 is secure, there is no problem. If 1.2.7 is not, portaudit will not 
let you upgrade. It seems to me, you need to farmiliarize yourself first with 
the mechanisms in place already, before shooting it.
-- 
Melvyn Sopacua
freebsd.stable@melvyn.homeunix.org

FreeBSD 6.0-STABLE
Qt: 3.3.5
KDE: 3.4.3