[RFC/HEADSUP] portmaster default -w (preserve shared libraries)
mandree at FreeBSD.org
Wed Dec 12 07:57:33 UTC 2012
Am 11.12.2012 20:34, schrieb Jeremy Messenger:
> If can't update all ports then please wait until when you can. I never
> have any problem to update all ports at a time by ran it over night
> time. Or even better, use packages if you can't afford the ports
This is ridiculous. We know that there have been extended (months!)
periods where we were stuck because all useful versions of some
important library had security vulnerabilities. The last pain I
recollect was libxul. Old version vulnerable, no new version, and then
when the new version was around, some dependencies did not work with
libxul-10*. This would in effect have meant "no update for months".
Bryan, practially, I propose that portmaster should
- list stored libraries on each and every run, and ask that the user
updates those ports that use the old, saved, libraries, pointing to
bsdadminutils and pkg_libchk.
- we may need to save more than just the .so files, namely, the origin
and portname of a saved library so that portmaster can run portaudit
against those names to complain about security issues in saved libraries.
More information about the freebsd-ports