Tobias Roth wrote:
On Wed, Oct 12, 2005 at 12:09:53PM +0200, jere wrote:
And you cannot expect the port maintainers to backport security fixes if the upstream provider chose to release the fix only together with a new version.
Yes you can, ask these guys: http://www.debian.org/. It's just a matter of policy.
I dislike the long cycles between version updates in Debian but must admit that the "stable" distributions indeed justify their name, INCLUDING packages.
My idea is that there could maybe be some "core" ports, about 1500 or so, that would get the special treatment of beeing updated in such a "stable" fashion on a branch in ports tree tagged (for example) RELENG_6_0. These ports would be publically announced as being "anchored" to a release and updated (including backporting security fixes) for as long as the release is maintained by the FreeBSD's security team.
_______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"
