On 4/22/20 2:24 PM, Consus wrote: > On Wed, Apr 22, 2020 at 02:19:19PM -0400, Michael Orlitzky wrote: >> How do you plan to update all of your programs when there's a security >> vulnerability in, say, OpenSSL? > > emerge -1 @world of course :D > > By the way, Rust does support dynamic linking (to a degree), but does > not have (yet, I pray) stable ABI. So what's current Gentoo team > consensus on security updates? Will there be Cargo.lock metadata that > will allows portage to automatically rebuild against newer library > versions? >
Rust packages get no security updates. Neither do Go packages. That's what I'm screaming about in those threads on gentoo-dev that you singled out in your original post =)
