pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: cups builds

It seems like we should have OpenSLP 2.0.0

Possibly. Do you have a patch for updating the package? :)

Perhaps a different year for me, and you aleady have lots on your list.

and D-Bus 1.7.0

No. From the homepage:
The current stable branch is D-Bus 1.6.x. This is the recommended version for most purposes. The current development branch is D-Bus 1.7.x, which will lead to a 1.8.x stable branch in future.

We usually avoid development versions in pkgsrc.

Yes- the label is "stable" but every day I receive a message from package
vulnerabilities about dbus.  It would seem that if it was fixed then that
would also go back to dbus 1.6 but I am not sure.

For SA50544 (CVE-2012-3524), it may be fixed in dbus-1.7 (master branch),
but NEWS in dbus-1.6.6 and 1.6.8 also mentions about CVE-2012-3524.

They are worried about fixing security problems so that keyring will work.
Gnome Keyring is the precursor "single point of fail" leading to OpenID.

Big B[oy][rother]

"too late, too late, too late"  -Jim Douglas Morrison

One more question, though- if things like D-Bus 1.7 were included in
something like /usr/pkgsrc/devel, would it or would it not lead to more
secure versions of cups?

"pkgsrc/devel" is not for the place neither "development branch version packages"
nor "development library variant packages".

See comment in pkgsrc/devel/Makefile.

Thank you for the kind response, but this is what I found in the file:

COMMENT=        Development utilities

and lots of utilities were listed below.

If I am missing something there then please expound.


Home | Main Index | Thread Index | Old Index