Hi Brian,
On Wed, 12.12.2007 at 11:26:13 -0500, Brian A. Seklecki [EMAIL PROTECTED]
wrote:
There's a vulnxml feed for OpenBSD ports. It should be updated with
critical patches, and those should be pulled into 4.2-stable.
are you talking about this website?
http://www.vuxml.org/openbsd/
On Thu, Dec 13, 2007 at 04:10:39PM -0500, Jason Beaudoin wrote:
On Dec 13, 2007 1:05 PM, Raimo Niskanen [EMAIL PROTECTED] wrote:
On Thu, Dec 13, 2007 at 01:07:17PM +, Jonathan Thornburg wrote:
First, I'd like to thank those who provided useful responces to my
query (which started this
I would like to apologize for my early post to this topic, I was extremely rude
and disrespectful.
Please disregard it.
-Nix Fan.
Maybe I'm missing something, but it seems like security on a lot of
systems is trying to play catch-up with the latest patches.
I I have an enemy, that is exactly where I want him.
Seems like long ago OBSD tended to have fixed the latest whatever
about 6 months before everybody else woke up
On 12.12-16:25, [EMAIL PROTECTED] wrote:
I tried using pkgsrc-2007Q3 but it sucks. Updating userland in
production environment with pkgsrc on a non-NetBSD platform is a
nightmare.
i'm working on this. will post when significant progress has been
made. in my opinion having a working pkgsrc
Raimo Niskanen wrote:
On Wed, Dec 12, 2007 at 08:35:50AM +0100, Antoine Jacoutot wrote:
This was announced on ports@ IIRC.
So if there are security bugs in a package or port shipped with OpenBSD
4.2, there will be no updated package or updated port available?
That is correct.
Now, this
On (2007-12-13 10:28), Janne Johansson wrote:
The solution is very simple though. Everyone has been told what was
lacking in order to keep it up, so just make those resources available
and it will spring back up again. Simple as that.
Noone said we dont want stable packages.
It's
On 2007/12/12 14:54, Unix Fan wrote:
Why even have a -CURRENT ports tree?...
So that there are updated ports/packages for people running
-current, and quite importantly, for the next release.
IME it's a lot easier to run snapshots than -stable.
Have you tried it, or did you just decide you
First, I'd like to thank those who provided useful responces to my
query (which started this thread), both on- and off-list. I had missed
the announcement (http://marc.info/?l=openbsd-portsm=119347390302171w=1)
that -stable ports packages are no longer maintained.
Because -stable ports/packages
[EMAIL PROTECTED] wrote:
On 12.12-16:25, [EMAIL PROTECTED] wrote:
I tried using pkgsrc-2007Q3 but it sucks. Updating userland in
production environment with pkgsrc on a non-NetBSD platform is a
nightmare.
i'm working on this. will post when significant progress has been
made. in my opinion
On Thu, Dec 13, 2007 at 01:07:17PM +, Jonathan Thornburg wrote:
First, I'd like to thank those who provided useful responces to my
query (which started this thread), both on- and off-list. I had missed
the announcement (http://marc.info/?l=openbsd-portsm=119347390302171w=1)
that -stable
On Dec 13, 2007 1:05 PM, Raimo Niskanen [EMAIL PROTECTED] wrote:
On Thu, Dec 13, 2007 at 01:07:17PM +, Jonathan Thornburg wrote:
First, I'd like to thank those who provided useful responces to my
query (which started this thread), both on- and off-list. I had missed
the announcement
critical patches, and those should be pulled into 4.2-stable.
Unfortunately, it isn't that easy. Some updates imply updates of
depending ports (e.g. poppler and evince), which may imply further
updates of dependencies. So you'll end up with -current -- more or
less, including more
Jason Beaudoin wrote:
On Dec 13, 2007 1:05 PM, Raimo Niskanen
[EMAIL PROTECTED] wrote:
On Thu, Dec 13, 2007 at 01:07:17PM +, Jonathan Thornburg wrote:
First, I'd like to thank those who provided useful responces to my
query (which started this thread), both on- and off-list.
I
So if there are security bugs in a package or port shipped with OpenBSD 4.2,
there will be no updated package or updated port available?
That is correct.
--
Antoine
How do you gents keep your 4.2 stable OpenBSD server ( read packages,
not system ) bug free?
If I remember correctly, I'm
On Wed, 12 Dec 2007, ico wrote:
How do you gents keep your 4.2 stable OpenBSD server ( read packages,
not system ) bug free?
If I remember correctly, I'm not supposed to use 4.2 stable system
with current ports.
Personnaly, I use -current (base+packages) everywhere.
But this is just me.
--
There's a vulnxml feed for OpenBSD ports. It should be updated with
critical patches, and those should be pulled into 4.2-stable.
If your business depends on OpenBSD ports, maybe you can sponsor a
4.2-stable build sandbox. I know mine does, and I'm happy to host it.
We're talking at-most 30
On Wed, Dec 12, 2007 at 08:35:50AM +0100, Antoine Jacoutot wrote:
On Tue, 11 Dec 2007, Joe wrote:
Wow. I didn't know this changed.
This was announced on ports@ IIRC.
So if there are security bugs in a package or port shipped with OpenBSD
4.2, there will be no updated package or updated
On Wed, Dec 12, 2007 at 08:35:50AM +0100, Antoine Jacoutot wrote:
On Tue, 11 Dec 2007, Joe wrote:
Wow. I didn't know this changed.
This was announced on ports@ IIRC.
So if there are security bugs in a package or port shipped with OpenBSD
4.2, there will be no updated package or
Raimo Niskanen wrote:
On Wed, Dec 12, 2007 at 08:35:50AM +0100, Antoine Jacoutot wrote:
On Tue, 11 Dec 2007, Joe wrote:
Wow. I didn't know this changed.
This was announced on ports@ IIRC.
So if there are security bugs in a package or port shipped with OpenBSD
4.2, there will be no updated
PROTECTED],Martin Schrvder [EMAIL PROTECTED],Misc-Openbsd
Listserv misc@openbsd.org
Subject: Re: no 4.2-stable package updates??
So if there are security bugs in a package or port shipped with OpenBSD 4.2,
there will be no updated package or updated port available?
That is correct
ico wrote:
So if there are security bugs in a package or port shipped with OpenBSD 4.2,
there will be no updated package or updated port available?
That is correct.
--
Antoine
How do you gents keep your 4.2 stable OpenBSD server ( read packages,
not system ) bug free?
I run build
On 12/12/07, Raimo Niskanen [EMAIL PROTECTED] wrote:
On Wed, Dec 12, 2007 at 08:35:50AM +0100, Antoine Jacoutot wrote:
On Tue, 11 Dec 2007, Joe wrote:
So if there are security bugs in a package or port shipped with OpenBSD
4.2, there will be no updated package or updated port available?
On 12/12/07, Darren Spruell [EMAIL PROTECTED] wrote:
Why -current? I thought what had fallen behind from lack of resources
was binary packages. Surely OPENBSD_4_2 (stable branch of ports tree)
still has updated ports.
Just build -stable packages from ports (like you did in the olden days.)
On Dec 12, 2007 11:41 AM, knitti [EMAIL PROTECTED] wrote:
On 12/12/07, Raimo Niskanen [EMAIL PROTECTED] wrote:
On Wed, Dec 12, 2007 at 08:35:50AM +0100, Antoine Jacoutot wrote:
On Tue, 11 Dec 2007, Joe wrote:
So if there are security bugs in a package or port shipped with OpenBSD
4.2,
On Wednesday 12 December 2007 12:25:40 Theo de Raadt wrote:
On Wed, Dec 12, 2007 at 08:35:50AM +0100, Antoine Jacoutot wrote:
On Tue, 11 Dec 2007, Joe wrote:
Wow. I didn't know this changed.
This was announced on ports@ IIRC.
So if there are security bugs in a package or port
knitti wrote:
On 12/12/07, Raimo Niskanen [EMAIL PROTECTED] wrote:
On Wed, Dec 12, 2007 at 08:35:50AM +0100, Antoine Jacoutot wrote:
On Tue, 11 Dec 2007, Joe wrote:
Now, this will prevent me from upgrading to 4.2.
It isn't so that any pre-4.2-stable will be updated, so you
lose nothing
On Dec 12, 2007 1:11 PM, knitti [EMAIL PROTECTED] wrote:
On 12/12/07, Darren Spruell [EMAIL PROTECTED] wrote:
Why -current? I thought what had fallen behind from lack of resources
was binary packages. Surely OPENBSD_4_2 (stable branch of ports tree)
still has updated ports.
Just build
On Wed, Dec 12, 2007 at 11:26:13AM -0500, Brian A. Seklecki wrote:
There's a vulnxml feed for OpenBSD ports. It should be updated with
critical patches, and those should be pulled into 4.2-stable.
Unfortunately, it isn't that easy. Some updates imply updates of
depending ports (e.g. poppler
This really does suck... While we as users appreciate developers hard work, A
majority rely on -STABLE for updated and secure 3rd party software..
You really can't expect everyone to use -CURRENT in a production environment..
and it's been made clear that using -CURRENT ports on a -STABLE
On 12 Dec 2007 14:54:59 -0800, Unix Fan [EMAIL PROTECTED] wrote:
Why even have a -CURRENT ports tree?
Um, to have somewhere for new and updated ports to go?
Unix Fan writes:
This really does suck... While we as users appreciate developers hard work,
A majority rely on -STABLE for updated and secure 3rd party software..
Really? You have statistics? I'd be curious to see how many run
stable vs. old releases vs. current.
Why even have a
On 12 Dec 2007 14:54:59 -0800, Unix Fan wrote:
This really does suck... While we as users appreciate developers hard work, A
majority rely on -STABLE for updated and secure 3rd party software..
So why does that majority not provide the skills or the money to
support that facility?
Maybe you
So why does that majority not provide the skills or the money to
support that facility?
Maybe you should use something else that panders to your appetite.
Completely unable to resist a great setup presented above, is the software
really free then?
Brian
On Wed, 12 Dec 2007 16:56:08 -0800 (PST), Brian wrote:
So why does that majority not provide the skills or the money to
support that facility?
Maybe you should use something else that panders to your appetite.
Completely unable to resist a great setup presented above, is the software
really
On 12-Dec-07, at 5:54 PM, Unix Fan wrote:
You really can't expect everyone to use -CURRENT in a production
environment..
Wow, I've read an unusual amount of stupid things on this list in the
last two days but this takes the cake (hint: it's not about whether
or not people run -current
Brian [EMAIL PROTECTED] writes:
So why does that majority not provide the skills or the money to
support that facility?
Maybe you should use something else that panders to your appetite.
Completely unable to resist a great setup presented above, is the
software really free then?
free
As a matter of policy, are -stable packages updated for security fixes?
I know that used to be the case, but as of today (40 days after 4.2 was
released), there are *no* 4.2-stable package updates shown at
http://www.openbsd.org/pkg-stable.html. In contrast, there are 183
4.1-stable updates
On Tue, 11 Dec 2007, Jonathan Thornburg wrote:
So, am I just lucky that no bugs-important-enough-for-stable-updates
have been found in any 4.2 packages yet? Is there somewere other than
http://www.openbsd.org/pkg-stable.html that I should be watching if I
want to keep -stable packages up to
On Tue, 11 Dec 2007, Martin Schrvder wrote:
Get -stable ports fixed?
Lack of interest/man power.
--
Antoine
]
To: Martin Schrvder [EMAIL PROTECTED]
Cc: Misc-Openbsd Listserv misc@openbsd.org
Sent: Tuesday, December 11, 2007 1:09 PM
Subject: Re: no 4.2-stable package updates??
On Tue, 11 Dec 2007, Martin Schrvder wrote:
Get -stable ports fixed?
Lack of interest/man power.
--
Antoine
Marcos Laufer wrote:
My opinion is that more money should be raised in order to
keep -stable up to date.
I think it's important to mantain a stable distribution, it's one
of the things that give openbsd it's fame of being solid rock
Marcos
Seriously? More money? Like enough to woo someone
Wow. I didn't know this changed.
So if there are security bugs in a package or port shipped with
OpenBSD 4.2, there will be no updated package or updated port available?
I'm in no position to ask someone to do this, so I won't. But this
really bites.
On Dec 11, 2007, at 8:09 AM,
On Tue, 11 Dec 2007, Joe wrote:
Wow. I didn't know this changed.
This was announced on ports@ IIRC.
So if there are security bugs in a package or port shipped with OpenBSD 4.2,
there will be no updated package or updated port available?
That is correct.
--
Antoine
44 matches
Mail list logo