On Sat, Jul 03, 2010 at 11:34:31AM +0100, Matthias Scheler wrote:
> the "pkgsrc-2010Q2" branch is seriously broken at the moment. Please do
> *not* start bulk builds at the moment.
>
> As a lot of patch files are missing in the branch you might end up with
> packages that are "secure" according to "pkg_admin audit" but are in
> fact still vulnerable as.
The "good" news is that the branch sources are outdated but consistent.
Packages build from the branch will have version numbers that are
recognized as vulnerable.
The bad is news is however that the new branch lacks several package
updates e.g. to "lang/perl5" that were in the old branch.
Kind regards
--
Matthias Scheler http://zhadum.org.uk/
Attachment:
pgpOmVZVyKyql.pgp
Description: PGP signature