[Bug 241347] security/sssd: Update to 1.16.4
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Oct 21 10:12:44 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241347
--- Comment #4 from lukas.slebodnik at intrak.sk ---
(In reply to Rick from comment #1)
> Also, the SSSD project is shipping version 2.2. Are there compelling reasons for not updating to the project's most recent version, or at least adding it as a new port, security/sssd2 for example?
You would need to follow upstream closer to know the context.
There is not any sssd-2.0 or sssd-2.1 branch and thus they cannot bachport
fixes there. And there were 2 regressions quite serious regressions between
2.2.0 and 2.2.2
Upstream promised to make sssd-1.13 LTS version but reality is different.
CVE-2019-3811 (https://pagure.io/SSSD/sssd/issue/3901) was fixed just in master
and sssd-1-16 branch. Sure, we could backport patches ourselves. but it is more
complicated to backport patches from sssd-1.16 branch to sssd-1.13.
The sssd-1-13 branch had the latest commit 14 months ago and sssd-1-16 11 days
ago.
I am not sure whether adding security/sssd2 make a sense.
I would rather wait till sssd-2.x stabilize on Linux and then move from
sssd-1.16 to sssd-2.x. So far sssd-1-16 is still in "active" state in usptream.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list