Subject: Re: unix worm via ssh1
To: Jeremy C. Reed <reed@reedmedia.net>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: tech-security
Date: 11/18/2001 16:26:48
On Sat, Nov 17, 2001 at 08:29:48PM -0800, Jeremy C. Reed wrote:
> On Sat, 17 Nov 2001, Manuel Bouyer wrote:
>
> > We have openssl-0.9.5a on the ftp server. If we remplace openssl-0.9.5a with
> > openssl-0.9.6, all 1.4.2 packages build against openssl-0.9.5a needs to be
> > rebuild against 0.9.6, which may show other dependancies too ...
>
> It seems like another good reason to offer two separate pkgsrc
> collections: one for current and continuing development and the other to
> just track the important bug and security fixes for the stable release.[1]
This has been discussed. pkgsrc peoples says there isn't enouth man power
to do this rigth now.
Remember that with NetBSD, you have to test a pullup to the stable branch on
a large number of platforms.
--
Manuel Bouyer <bouyer@antioche.eu.org>
--