On Sun, Jul 04, 2010 at 11:18:59AM +0200, Toni Mueller wrote: > Umm... Marc's response made it very clear that a user of ports or > packages is mostly out in the dust. I didn't expect much else, > anyway, but this is one of OpenBSD's real weaknesses, as there is > no security support for ports nor packages, and I think we should be > able to agree upon the idea that expecting OpenBSD users to wait for > about half a year until they can fix up their system is beyond reason.
That's no longer true, we do have people handling stable ports and packages for security purposes. There was a gap where this was not the case, but it's no longer true at all (I can vouch for, for instance, drupal security fixes being backported). If you find important security issues that are not handled in stable, bring them to the attention of this list, and ask for fixes.
