sysutils/cfs

[Chris Rees]

On 4 September 2011 21:32, Julian H. Stacey <jhs at berklix.com> wrote:
>>
>> Whoops, also missed a CVE -- buffer overflows can cause a DoS.
>> Expiration date altered to 1 month accordingly.
>
> It is not responsible to threaten to remove ports without warning
> between releases for non urgent reasons.
>
> Better to deprecate such non urgent ports, & wait a while after next
> release is rolled, to give release users a warning & some time
> to volunteer (or if a firm using releases, perhaps time to allocate
> a staff member if a port is important to them).

Yeah... perhaps if there isn't a vulnerability. At the moment it's
marked FORBIDDEN, so it's useless -- anyone who is serious about
fixing it at whatever time is welcome to check it out of the Attic --
a slight inconvenience for which we apologise.

In the mean time, <record class="broken">the ports tree is not a
museum for ancient insecure bug-ridden software</record>.

Chris

-- 
Chris Rees          | FreeBSD Developer
crees at FreeBSD.org   | http://people.freebsd.org/~crees