On 14 Feb 2001, Chris Jones wrote:

> If there are new features (or especially bug fixes) in pkgsrc openssh
> (2.3) that aren't in 1.5's openssh (2.2), then we should make sure
> that pkgsrc openssh can install on a 1.5 system.

You should not install pkgsrc openssh on a 1.5 system, especially for
a security fix. The binary package installs to /usr/pkg, which leaves
the old, bad /usr/bin/ssh and /usr/sbin/sshd still in place, waiting
to trap the unwary user. If you build your own package, you could set
LOCALBASE=/, to overwrite the existing binaries, but that's lame -- it
would be easier and less trouble to check out the appropriate subdirs
on the netbsd-1-5 branch and "make depend && make && make install".

> If there are no such new features, then pkgsrc openssh should refuse
> to install on a 1.5 system, and it should give a clear explanation of
> why, to avoid confusion.
>
> Chris
>
>


Frederick