FreeBSD Security Survey
Matthias Andree
matthias.andree at gmx.de
Mon May 22 03:02:44 PDT 2006
Scott Long <scottl at samsco.org> writes:
> I share this frustration with you. I was once told that the pain in
> upgrading is due largely to a somewhat invisible difference between
> installing a pre-compiled package, and building+installing a port. In
> theory, if you stick to one method or the other, things will stay mostly
> consistent. But if you mix them, and particularly if you update the
> ports tree in the process, the end result is a bit more undefined. One
> thing that I wish for is that the ports tree would branch for releases,
> and that those branches would get security updates. I know that this
> would involve an exponentially larger amount of effort from the ports
> team, and I don't fault them for not doing it. Still, it would be nice
> to have.
Speaking as a port maintainer, if these branches would allow to just
"MFC" updates from HEAD that are proven and meet dependency requirements
for the new version, I think I'd be able to handle this. The major ports
for concern I maintain (db3* db4*) have forked minor versions for
compatibility anyways.
If it's a "bugfix only" policy that may involve ripping out the minimum
fix out of a larger patch set, it'll pretty much be a non-starter for me
unless someone funds that work.
--
Matthias Andree
More information about the freebsd-stable
mailing list