why pkgs with vulnerabilities on quarterly aren’t updated
rplace at vivaldi.net
Sat Nov 25 16:21:46 UTC 2017
Every day I check pkg audit -F on 11.1 from quarterly, and for like a month
it’s listed many xorg-server vulnerabilities. And now it’s listed firefox-esr
vulnerabilities for what seems like at least a week.
For xorg-server, I see that there’s
which has drawn zero attention.
I see that there are newer versions in latest.
How do I tell when issues have fallen between the cracks vs
a change deliberately not being brought to quarterly?
In cases like this, does it make sense to talk to maintainers,
or to one of the pkg/ports lists, or…?
More information about the freebsd-questions