At 10:13 AM 12/10/2005, Ivan Voras wrote:
Tobias Roth wrote:
On Wed, Oct 12, 2005 at 12:09:53PM +0200, jere wrote:
And you cannot expect the port maintainers
to backport security fixes if the upstream provider chose to release the
fix only together with a new version.
Yes you can, ask these guys: http://www.debian.org/. It's just a
matter of policy.
I dislike the long cycles between version updates in Debian but must
admit that the "stable" distributions indeed justify their name,
INCLUDING packages.
My idea is that there could maybe be some "core" ports, about 1500 or so,
This sounds like a recipe for confusion. Some users have problems
distinguishing between whats in the base, and whats out of the
ports. Another type of "psudo base app" would just add to the
confusion. Users / admins need to take *some* responsibility for
what is installed on their system. Many ports are not very well
maintained in the first place and to say that the security team
should be responsible for another 1500 applications is not realistic.
---Mike
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
