[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: cups builds
It seems like we should have OpenSLP 2.0.0
Possibly. Do you have a patch for updating the package? :)
Perhaps a different year for me, and you aleady have lots on your list.
and D-Bus 1.7.0
No. From the homepage:
The current stable branch is D-Bus 1.6.x. This is the recommended version
for most purposes.
The current development branch is D-Bus 1.7.x, which will lead to a 1.8.x
stable branch in future.
We usually avoid development versions in pkgsrc.
Yes- the label is "stable" but every day I receive a message from package
vulnerabilities about dbus. It would seem that if it was fixed then that
would also go back to dbus 1.6 but I am not sure.
For SA50544 (CVE-2012-3524), it may be fixed in dbus-1.7 (master branch),
but NEWS in dbus-1.6.6 and 1.6.8 also mentions about CVE-2012-3524.
They are worried about fixing security problems so that keyring will work.
Gnome Keyring is the precursor "single point of fail" leading to OpenID.
"too late, too late, too late" -Jim Douglas Morrison
One more question, though- if things like D-Bus 1.7 were included in
something like /usr/pkgsrc/devel, would it or would it not lead to more
secure versions of cups?
"pkgsrc/devel" is not for the place neither "development branch version
nor "development library variant packages".
See comment in pkgsrc/devel/Makefile.
Thank you for the kind response, but this is what I found in the file:
COMMENT= Development utilities
and lots of utilities were listed below.
If I am missing something there then please expound.
Main Index |
Thread Index |