| 1 |
Ian P. Christian wrote: |
| 2 |
> On 08/16/06 Jan Meier wrote: |
| 3 |
>> I am using glsa-check for reporting vulnerable software, currently |
| 4 |
>> not for updating. I will give "emerge imagemagick" a shot, maybe that |
| 5 |
>> has less dependencies :) . With your answeres in mind I came to the |
| 6 |
>> opinion that there is not a real need for a "stable portage tree". |
| 7 |
> |
| 8 |
> I personally think there is a a large need for a stable tree. |
| 9 |
[ snipp ] |
| 10 |
The basic problem here is: Upstream may not publish "security fixes" but |
| 11 |
just a new (fixed) version. If you want a "stable" tree, you have to |
| 12 |
watch upstream cvs/svn/mailing lists and backport fixes. That is a lot |
| 13 |
of work. |
| 14 |
|
| 15 |
cheers |
| 16 |
Paul |
| 17 |
-- |
| 18 |
gentoo-server@g.o mailing list |
Archives