[RFC/HEADSUP] portmaster default -w (preserve shared libraries)
Bryan Drewery
bdrewery at freebsd.org
Thu Dec 13 16:56:42 UTC 2012
On 12/12/2012 1:57 AM, Matthias Andree wrote:
> Am 11.12.2012 20:34, schrieb Jeremy Messenger:
>
>> If can't update all ports then please wait until when you can. I never
>> have any problem to update all ports at a time by ran it over night
>> time. Or even better, use packages if you can't afford the ports
>> system.
>
> This is ridiculous. We know that there have been extended (months!)
> periods where we were stuck because all useful versions of some
> important library had security vulnerabilities. The last pain I
> recollect was libxul. Old version vulnerable, no new version, and then
> when the new version was around, some dependencies did not work with
> libxul-10*. This would in effect have meant "no update for months".
>
>
> Bryan, practially, I propose that portmaster should
>
> - list stored libraries on each and every run, and ask that the user
> updates those ports that use the old, saved, libraries, pointing to
> bsdadminutils and pkg_libchk.
>
> - we may need to save more than just the .so files, namely, the origin
> and portname of a saved library so that portmaster can run portaudit
> against those names to complain about security issues in saved libraries.
>
Good points and ideas. I will keep those in mind.
--
Regards,
Bryan Drewery
bdrewery at freenode/EFNet
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 896 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20121213/b4704304/attachment.sig>
More information about the freebsd-ports
mailing list