On 10/08/2014 08:30 PM, Sean Alexandre wrote:
Ideally I'd like a list like debian-security-announce [5] that gets posts about security updates. I'd follow it, and rebuild as needed.
I second that. As costly (in the man-hour sense) this might be, still would be a huge addition to keep a secure ecosystem, and an incentive to the maintainers to keep their packages updated (what's the point in updating a package now, if almost no one with an already deployed system will upgrade or hear about the issue?).
This is aggravated by the fact that currently does not exists a simple tool like "yum upgrade" for OpenWRT that can update all packages at once, and ensure a fully updated system.
Also, this would help to keep a centralized and historical record of all security issues OpenWRT had had. Being the router a core infrastructure equipment, I think having this list is of ultimate importance.
-- Bernardo Donadio _______________________________________________ openwrt-users mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users
