Subject: Re: dependencies & security vulnerabilities
To: Johnny C. Lam <jlam@NetBSD.org>
From: Malcolm Herbert <firstname.lastname@example.org>
Date: 08/01/2005 11:07:37
I agree with the sentiment here, but how do you intend to distinguish
between two versions of a particular pre-compiled package with the same
version number where one is secure and the other not?
Unfortunate as the knock-on effects of bumping the revision number are,
at least you can tell from the outside without installing it ...
I personally have no problem either way, but thought it a kink worth
Computer Support Officer
School of Geosciences
ph 9905 4881