Ian P. Christian wrote: > On 08/16/06 Jan Meier wrote: >> I am using glsa-check for reporting vulnerable software, currently >> not for updating. I will give "emerge imagemagick" a shot, maybe that >> has less dependencies :) . With your answeres in mind I came to the >> opinion that there is not a real need for a "stable portage tree". > > I personally think there is a a large need for a stable tree. [ snipp ] The basic problem here is: Upstream may not publish "security fixes" but just a new (fixed) version. If you want a "stable" tree, you have to watch upstream cvs/svn/mailing lists and backport fixes. That is a lot of work.
cheers Paul -- [email protected] mailing list
