We need much better security updates for packages

Martin Hanson greencoppermine at yandex.com
Mon Oct 20 04:30:03 UTC 2014


Hi

This is a suggestion.

If "pkg" is going to be any good, meaning as a real replacement for
always compiling from ports, I think it is really important that we
move away from a fixed weekly build when important security upgrades
are pending.

We cannot wait a week or more for the official repos when an important
security upgrade is pending.

Sure, for some small packages it is no problem compiling them from
ports, but that really beats the whole purpose of "pkg".

Working also with Debian I believe we could perhaps "adopt" some of the
ways they deal with these issues.

I am not sure how it works at FreeBSD, but I suggest making some kind
of security package build team that, when an important security
upgrade arises, quickly upgrades the relevant packages.

Or this could even be automatized perhaps?

Kind regards.


More information about the freebsd-pkg mailing list