Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 26 Mar 2012 08:30:25 +0200
From:      Baptiste Daroussin <bapt@FreeBSD.org>
To:        Konstantin Belousov <kostikbel@gmail.com>
Cc:        ports@FreeBSD.org, pgsql@FreeBSD.org, Chris Rees <utisoft@gmail.com>, Radim Kolar <hsn@filez.com>
Subject:   Re: Postgresql 8.2 branch - keep it in tree
Message-ID:  <20120326063024.GB7318@azathoth.lan>
In-Reply-To: <20120325151816.GZ2358@deviant.kiev.zoral.com.ua>
References:  <4F6F14AF.9070501@filez.com> <CADLo83-Lxk3c=NJm3bLhZhNfc%2BdArNa%2B7NDVBKCmGKZV9X7A2w@mail.gmail.com> <20120325151816.GZ2358@deviant.kiev.zoral.com.ua>

next in thread | previous in thread | raw e-mail | index | archive | help

--xXmbgvnjoT4axfJE
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Mar 25, 2012 at 06:18:16PM +0300, Konstantin Belousov wrote:
> On Sun, Mar 25, 2012 at 12:54:36PM +0000, Chris Rees wrote:
> > On 25 Mar 2012 13:51, "Radim Kolar" <hsn@filez.com> wrote:
> > >
> > > please do not remove this pgsql branch. its newest branch using old
> > postgresql-contrib full text search engine. Upgrading to 8.3+ is not
> > possible for such applications.
> >=20
> > I'm afraid it's not only end of life by upstream, but also vulnerable in
> > more than one CVE, and will not be fixed.
> Why is presence of a CVE relevant for 90% of all port users ?

How are we supposed to know how people are using the ports? It is impossibl=
e to
know how much the CVE will impact our users, keeping ports with known unfix=
ed CVE
is proposing potentially risky software to our users, which is not acceptab=
le.

If upstream has dropped their support for a given version, a maintainer has=
 two
choices: do himself the active support instead of upstream, or follow upstr=
eam
policy and drop the port.

regards,
Bapt

--xXmbgvnjoT4axfJE
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iEYEARECAAYFAk9wDQAACgkQ8kTtMUmk6ExUFACgnxWGEXSgAf+LB9LVn5avnrob
azAAoKLQgnLjDO48IHsh1Rr59V/2VFl/
=8x8b
-----END PGP SIGNATURE-----

--xXmbgvnjoT4axfJE--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120326063024.GB7318>