Re: Recent security announcement and csup/cvsup?

2012-11-20 Thread Garrett Wollman
< said: > pkgng will have a crypto-signing mechanism for packages with > per-repository public keys and so forth. It's not there yet -- stuff is > awaiting review by security team people, who are (even more so, given > current events) generally insanely busy. Huh? What's not there yet? I've bee

Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]

2012-11-20 Thread Mark Andrews
In message <20121121031959.ga30...@server.rulingia.com>, Peter Jeremy writes: > On 2012-Nov-20 11:30:59 -0500, Gary Palmer wrote: > >On Tue, Nov 20, 2012 at 11:26:42AM -0500, Eitan Adler wrote: > >> On 20 November 2012 04:54, xenophon\+freebsd > >> wrote: > >> >> As of now: > >> >> > >> >> - SVN

Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]

2012-11-20 Thread Peter Jeremy
On 2012-Nov-20 11:30:59 -0500, Gary Palmer wrote: >On Tue, Nov 20, 2012 at 11:26:42AM -0500, Eitan Adler wrote: >> On 20 November 2012 04:54, xenophon\+freebsd >> wrote: >> >> As of now: >> >> >> >> - SVN is *the* source of truth. >> > >> > Would it be possible to publish FreeBSD's Subversion rep

Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]

2012-11-20 Thread Baptiste Daroussin
On Mon, Nov 19, 2012 at 07:08:13PM -0800, Zach Leslie wrote: > > http://www.fossil-scm.org/ > > > > I'm not a fossil user, but it's BSD licensed and written in C. > > Baptiste Daroussin probably could tell us more about fossil pros and cons. > > This misses one of the main points raised in the orig

Re: Recent security announcement and csup/cvsup?

2012-11-20 Thread RW
On Tue, 20 Nov 2012 13:47:19 +0100 Ollivier Robert wrote: > According to Mohacsi Janos on Tue, Nov 20, 2012 at 12:45:19PM +0100: > > Dear Ollivier and all, > > I have a problem with portsnap: I maintain a private > > "repository" under /usr/ports: There is a /usr/ports/tmp where > > I st

Re: Recent security announcement and csup/cvsup?

2012-11-20 Thread Mohacsi Janos
Thanks for pointing that out. Janos Mohacsi Head of HBONE+ project Network Engineer, Director Network and Multimedia NIIF/HUNGARNET, HUNGARY Co-chair of Hungarian IPv6 Forum Key 70EF9882: DEC2 C685 1ED4 C95A 145F 4300 6F64 7B00 70EF 9882 On Tue, 20 Nov 2012, L Campbell wrote: I have a problem with t

Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]

2012-11-20 Thread Gary Palmer
On Tue, Nov 20, 2012 at 11:26:42AM -0500, Eitan Adler wrote: > On 20 November 2012 04:54, xenophon\+freebsd > wrote: > >> As of now: > >> > >> - SVN is *the* source of truth. > > > > Would it be possible to publish FreeBSD's Subversion repository using > > HTTPS, instead of HTTP? > > %svn ls http

Re: Recent security announcement and csup/cvsup?

2012-11-20 Thread L Campbell
> I have a problem with portsnap: I maintain a private > "repository" under /usr/ports: There is a /usr/ports/tmp where I store > new ports to be tested, and submitted. Portsnap is removing > unrecognized local files. Adding the line REFUSE tmp to /etc/portsnap.conf should make por

Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]

2012-11-20 Thread Eitan Adler
On 20 November 2012 04:54, xenophon\+freebsd wrote: >> As of now: >> >> - SVN is *the* source of truth. > > Would it be possible to publish FreeBSD's Subversion repository using > HTTPS, instead of HTTP? %svn ls https://svn0.us-west.FreeBSD.org/base/ -- Eitan Adler

Re: Recent security announcement and csup/cvsup?

2012-11-20 Thread Matthew Seaman
On 20/11/2012 10:01, Ollivier Robert wrote: > According to Gary Palmer on Sun, Nov 18, 2012 at 01:04:21PM -0500: >> > In other words: while signed updates via freebsd-update and portsnap >> > are great for a good chunk of users, they don't address everyone's needs. > Hopefully, with the move toward

Re: Clarification on whether portsnap was affected by the 2012 compromise

2012-11-20 Thread Marcus Karlsson
On Tue, Nov 20, 2012 at 02:50:35PM +0100, richard bader wrote: > Am 20.11.2012 13:47, schrieb John Bayly: > >On 20/11/12 12:15, Gary Palmer wrote: > >>On Tue, Nov 20, 2012 at 10:49:13AM +, John Bayly wrote: > >>>Regarding the 2012 compromise, I'm a little confused as to what was and > >>>wasn't

Re: Clarification on whether portsnap was affected by the 2012 compromise

2012-11-20 Thread richard bader
Am 20.11.2012 13:47, schrieb John Bayly: On 20/11/12 12:15, Gary Palmer wrote: On Tue, Nov 20, 2012 at 10:49:13AM +, John Bayly wrote: Regarding the 2012 compromise, I'm a little confused as to what was and wasn't affected: From the release: or of any ports compiled from trees obtained v

Re: Recent security announcement and csup/cvsup?

2012-11-20 Thread Alexander Zhuravlev
On Tue, Nov 20, 2012 at 12:45:19PM +0100, Mohacsi Janos wrote: > Dear Ollivier and all, > I have a problem with portsnap: I maintain a private "repository" > under /usr/ports: There is a /usr/ports/tmp where I store new > ports to be tested, and submitted. Portsnap is removing > unr

Re: Clarification on whether portsnap was affected by the 2012 compromise

2012-11-20 Thread John Bayly
On 20/11/12 12:15, Gary Palmer wrote: > On Tue, Nov 20, 2012 at 10:49:13AM +, John Bayly wrote: >> Regarding the 2012 compromise, I'm a little confused as to what was and >> wasn't affected: >> >> >From the release: >>> or of any ports compiled from trees obtained via any means other than >>>

Re: Recent security announcement and csup/cvsup?

2012-11-20 Thread Ollivier Robert
According to Mohacsi Janos on Tue, Nov 20, 2012 at 12:45:19PM +0100: > Dear Ollivier and all, > I have a problem with portsnap: I maintain a private "repository" > under /usr/ports: There is a /usr/ports/tmp where I store new > ports to be tested, and submitted. Portsnap is removing

Re: Clarification on whether portsnap was affected by the 2012 compromise

2012-11-20 Thread Gary Palmer
On Tue, Nov 20, 2012 at 10:49:13AM +, John Bayly wrote: > Regarding the 2012 compromise, I'm a little confused as to what was and > wasn't affected: > > >From the release: > > or of any ports compiled from trees obtained via any means other than > > through svn.freebsd.org or one of its mirror

Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]

2012-11-20 Thread Gary Palmer
On Tue, Nov 20, 2012 at 04:54:59AM -0500, xenophon\+freebsd wrote: > > As of now: > > > > - SVN is *the* source of truth. > > Would it be possible to publish FreeBSD's Subversion repository using > HTTPS, instead of HTTP? I don't know how often they update, but the mirrors listed at http://www

Clarification on whether portsnap was affected by the 2012 compromise

2012-11-20 Thread John Bayly
Regarding the 2012 compromise, I'm a little confused as to what was and wasn't affected: From the release: > or of any ports compiled from trees obtained via any means other than > through svn.freebsd.org or one of its mirrors Does that mean that any ports updated using the standard "portsnap fet

Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]

2012-11-20 Thread Mike Meyer
Zach Leslie wrote: >> http://www.fossil-scm.org/ >> >> I'm not a fossil user, but it's BSD licensed and written in C. >Also, this particular tool bails out on the unix philosophy, with its >web >gui, ticket tracker etc. Do one thing. Do it well. I would argue that git bails on that as well, b

Re: Recent security announcement and csup/cvsup?

2012-11-20 Thread Mohacsi Janos
Dear Ollivier and all, I have a problem with portsnap: I maintain a private "repository" under /usr/ports: There is a /usr/ports/tmp where I store new ports to be tested, and submitted. Portsnap is removing unrecognized local files. With cvsup I don't have such a problem. I

Re: Recent security announcement and csup/cvsup?

2012-11-20 Thread Ollivier Robert
According to Gary Palmer on Sun, Nov 18, 2012 at 01:04:21PM -0500: > In other words: while signed updates via freebsd-update and portsnap > are great for a good chunk of users, they don't address everyone's needs. Hopefully, with the move toward pkgng, there will be less need of portsnap (and /usr

RE: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]

2012-11-20 Thread xenophon\+freebsd
> As of now: > > - SVN is *the* source of truth. Would it be possible to publish FreeBSD's Subversion repository using HTTPS, instead of HTTP? -- I FIGHT FOR THE USERS