How can we ensure security fixes get MFH'd to quarterly?
Kurt Jaeger
pi at freebsd.org
Wed Jan 2 06:28:29 UTC 2019
Hi!
> On Nov 27, r486043 was committed to head to fix several vulnerabilities
> in the Samba 4.7 and 4.8 ports, but it wasn't merged to 2018Q4. A PR
> was opened, but 2018Q4 sat unfixed until it expired at the end of the year.
>
> Filing a PR didn't help. Mentioning the PR on this list didn't help.
> What can be done to prevent further repetitions of this lapse in the future?
>From what I know, there are two issues:
- it should be clear that it does not cause regressions in quarterly
this is not always easy to check
- it needs portmgr or -secteam approval (this was missing in that case)
--
pi at FreeBSD.org +49 171 3101372 One year to go !
More information about the freebsd-ports
mailing list