Can certainly sympathize depending on the threat model, but how is that
any different from Equifax' not having time to patch Struts or not
having time to change the oil in your car or to brush your teeth ...
That's a non-sequitur if I understand the response correctly. Procmail IS
patched and I assume applied. So yes mom, teeth are brushed.
Correct from a 'known risk only' perspective but isn't code that is a)
largely unauditable and b) hasn't been maintained for a long time
considered vulnerable regardless of published vulnerabilities?
Perhaps not unlike brushing your teeth only when the dentist finds a
cavity, it doesn't fundamentally change the risk model.
Roger
_______________________________________________
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
