1 |
On Friday 10 October 2008, Ciaran McCreesh wrote: |
2 |
> On Fri, 10 Oct 2008 09:32:44 +0300 |
3 |
> |
4 |
> Mart Raudsepp <leio@g.o> wrote: |
5 |
> > > Of those, and those in overlays, and those that are going to be |
6 |
> > > committed over the next few weeks, how many use src_prepare to |
7 |
> > > apply security related patches? |
8 |
> > |
9 |
> > A round zero. Security patches are going stable soon after entering |
10 |
> > portage tree, and EAPI=2 ebuilds can not go stable yet, as there is |
11 |
> > no package manager supporting EAPI=2 that is going to be stable in |
12 |
> > the next week or two (so maintainers make sure they don't use |
13 |
> > EAPI=2 for security fix revisions). |
14 |
> |
15 |
> Oh really? So you're absolutely certain there aren't and won't soon |
16 |
> be any EAPI 2 bumps of non-EAPI 2 versions that include security |
17 |
> patches? |
18 |
|
19 |
This would not affect stable users, as Mart pointed out. ~arch users |
20 |
should keep their systems up-to-date anyway (including their PM), and |
21 |
should be aware their security support is limited to providing updates. |
22 |
|
23 |
|
24 |
Robert |