Subject: Re: binary packages with vulnerabilities removed from ftp - a bad
To: Geert Hendrickx <firstname.lastname@example.org>
From: Jeremy C. Reed <email@example.com>
Date: 01/29/2005 21:51:07
On Sat, 29 Jan 2005, Geert Hendrickx wrote:
> when a vulnerability is discovered in a package, the according binary
> package(s) are removed from NetBSD's ftp-mirrors. While the reason is
> obvious (we don't want vulnerable packages), I don't think this is a
> good idea. It can make it pretty difficult to use binary packages.
Yes, this is an inconvenience.
We should have a daily script that checks to see what packages are missing
and complain to the pkgsrc developers list every day!
Jeremy C. Reed
BSD News, BSD tutorials, BSD links