Am 11.12.2012 20:34, schrieb Jeremy Messenger: > If can't update all ports then please wait until when you can. I never > have any problem to update all ports at a time by ran it over night > time. Or even better, use packages if you can't afford the ports > system.
This is ridiculous. We know that there have been extended (months!) periods where we were stuck because all useful versions of some important library had security vulnerabilities. The last pain I recollect was libxul. Old version vulnerable, no new version, and then when the new version was around, some dependencies did not work with libxul-10*. This would in effect have meant "no update for months". Bryan, practially, I propose that portmaster should - list stored libraries on each and every run, and ask that the user updates those ports that use the old, saved, libraries, pointing to bsdadminutils and pkg_libchk. - we may need to save more than just the .so files, namely, the origin and portname of a saved library so that portmaster can run portaudit against those names to complain about security issues in saved libraries. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[email protected]"
