[RFC/HEADSUP] portmaster default -w (preserve shared libraries)
Matthias Andree
mandree at FreeBSD.org
Wed Dec 12 07:57:33 UTC 2012
Am 11.12.2012 20:34, schrieb Jeremy Messenger:
> If can't update all ports then please wait until when you can. I never
> have any problem to update all ports at a time by ran it over night
> time. Or even better, use packages if you can't afford the ports
> system.
This is ridiculous. We know that there have been extended (months!)
periods where we were stuck because all useful versions of some
important library had security vulnerabilities. The last pain I
recollect was libxul. Old version vulnerable, no new version, and then
when the new version was around, some dependencies did not work with
libxul-10*. This would in effect have meant "no update for months".
Bryan, practially, I propose that portmaster should
- list stored libraries on each and every run, and ask that the user
updates those ports that use the old, saved, libraries, pointing to
bsdadminutils and pkg_libchk.
- we may need to save more than just the .so files, namely, the origin
and portname of a saved library so that portmaster can run portaudit
against those names to complain about security issues in saved libraries.
More information about the freebsd-ports
mailing list