Subject: Re: security fixes and 1.6 branch of pkgsrc
To: Julio Merino <email@example.com>
From: None <firstname.lastname@example.org>
Date: 01/05/2003 18:38:11
On Sun, 5 Jan 2003, Julio Merino wrote:
> On Sun, 5 Jan 2003 12:58:24 -0600 (CST)
> C=E9sar Catri=E1n <email@example.com> wrote:
> > You should always use current pkgsrc.
> No. -- AFAIK, the 1.6 branch should incorporate security updates and
> bugfixes, so that you could keep a stable system with secure and stable
> packages. If it is not beeing done, I do not know the reason :p
There is a manpower issue. Also, because the 1.6 branch tries very very
hard to completely work, any updates to the branch need to be very
important (security or completely broken on some system) and very well
tested (preferably on more than one port). We want to avoid making
someone spend 2 weeks rebuilding all their pkgs just because a newer
version of something like png became available. In fact part of
the reason for the branch was so that there would be a fairly
stationary target for a slower system like a pmax or sparc to
build and fix remaining bugs on.
Hopefully this problem is something that the package views currently under
development will help with though.