On Tue, Sep 17, 2013 at 10:39 AM, Lists <[email protected]> wrote: > On 2013-09-17 09:04, Paolo Pisati wrote: > >> and what about missing packages in the release repo? (e.g. >> transmission in 12.09) >> > > Didn't make it in for "some reason", similar to how packages fall from > Debian (unresolved bugs, no maintainer etc), that sort of thing. You may be > able to search mailing lists and find something. > > weird, because according to the source history back then transimission was at version 2.77, and there's no sign of breakage (nor any break-fix commit after that)... i wonder if there's a core list of pkgs that are built for every release vs 'all the pkgs that build fine are included' rule.
> > >> but even more worryingly, what about security fixes? >> access points, dsl modem/routers, etcetc are at the forefront of our >> networks and tier1 targets for attacks, how do we handle security? >> >> and besides, if we are meant to stick with the original release repo, >> what's the point of 'opkg upgrade'? >> >> > OpenWRT is based on static firmware images that you then overlay anything > you install after, eg I install 'ip' on every router, but this package gets > removed when I do a reset or firmware update. > > Say a package has a vuln, you could do a opkg upgrade to get a security > fix before 12.09.1 was released (which would have it integrated) > > actually i'm a bit in a different situation since my router is an alix board (a small x86 box that boots off an mmc card, so no overlay tricks here) but the short answer seems to be: stick to your release repo, wait for the next stable and upgrade when it's out. now, i don't want to sound like a pester but: http://downloads.openwrt.org/backfire/ backfire was release on 21-Aug-2010, while the first stable release was released 21-Dec-2011 - 16 months later - hardly a person can wait 16 monts for a kernel/ssh/web/$puthereyourservice if there's a vulnerability. bye, p.
_______________________________________________ openwrt-users mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users
