Subject: Re: CVS commit: pkgsrc/mail
To: None <tech-pkg@NetBSD.org>
From: Thomas Klausner <wiz@NetBSD.org>
List: tech-pkg
Date: 04/07/2004 10:51:21
On Wed, Apr 07, 2004 at 02:31:20PM +1000, grant beattie wrote:
> On Tue, Apr 06, 2004 at 01:50:57PM +0000, Todd Vierling wrote:
>
> > Log Message:
> > Make libmilter a build-time dependency only (it's a static library); bump
> > PKGREVISION of its dependencies.
>
> this means that a security update of libmilter would not trigger an
> auto rebuild of the packages which depend on it because it's no longer
> a runtime dependency.
A security problem with libmilter should be noted in the vulnerability
list, and the dependencies will have to have their pkgrevisions bumped
and be added to the list manually too.
That's the only clean solution I see to this...
Thomas