Procmail got updated!

Kevin Oberman rkoberman at gmail.com
Sat Dec 23 07:12:18 UTC 2017


On Fri, Dec 22, 2017 at 2:29 AM, Matthias Andree <matthias.andree at gmx.de>
wrote:

> Am 22.12.2017 um 07:09 schrieb Eugene Grosbein:
> > 22.12.2017 9:50, Matthias Andree пишет:
> >> Am 21.12.2017 um 10:16 schrieb Eugene Grosbein:
> >>
> >>> So, you demand we stop shipping any unmaintained software with our
> Ports & Packages?
> >>> Absence of CVEs means nothing and almost any non-trivial software has
> bugs (axiom).
> >> Eugene, these are attempts to distract from the argument, or to mount to
> >> fallacies. I do not intend to respond further to them or other of your
> >> messages in this thread.
> > That was real question, I like to know the answer.
>
> That generic question bears no relevance to the procmail case.


OK. It looked  like a reasonable question and a one-liner answer which
seemed to say "I can't justify anything here" or "I don't want to bother".
So maybe it could be clarified.

First, I don't think Eugene meant "unmaintained by FreeBSD" but
unmaintained upstream. Or maybe both. Can you clarify, Eugene?

We have many ports that have no FreeBSD maintainer. We have fewer, but many
that have no upstream maintainer. I know, as I use and have a critical need
for a few. One that comes to mind is complex and almost certainly has at
least one bug that could trigger a CVE if found. This is true with  almost
any complex code.

So, why does Eugene's question have no relevance to the procmail case?
Could you please explain?

For the record, I have not used procmail for at least 7 years, perhaps
longer.
--
Kevin Oberman, Part time kid herder and retired Network Engineer
E-mail: rkoberman at gmail.com
PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683


More information about the freebsd-ports mailing list