| 1 |
On Friday 10 October 2008, Ciaran McCreesh wrote: |
| 2 |
> On Fri, 10 Oct 2008 09:32:44 +0300 |
| 3 |
> |
| 4 |
> Mart Raudsepp <leio@g.o> wrote: |
| 5 |
> > > Of those, and those in overlays, and those that are going to be |
| 6 |
> > > committed over the next few weeks, how many use src_prepare to |
| 7 |
> > > apply security related patches? |
| 8 |
> > |
| 9 |
> > A round zero. Security patches are going stable soon after entering |
| 10 |
> > portage tree, and EAPI=2 ebuilds can not go stable yet, as there is |
| 11 |
> > no package manager supporting EAPI=2 that is going to be stable in |
| 12 |
> > the next week or two (so maintainers make sure they don't use |
| 13 |
> > EAPI=2 for security fix revisions). |
| 14 |
> |
| 15 |
> Oh really? So you're absolutely certain there aren't and won't soon |
| 16 |
> be any EAPI 2 bumps of non-EAPI 2 versions that include security |
| 17 |
> patches? |
| 18 |
|
| 19 |
This would not affect stable users, as Mart pointed out. ~arch users |
| 20 |
should keep their systems up-to-date anyway (including their PM), and |
| 21 |
should be aware their security support is limited to providing updates. |
| 22 |
|
| 23 |
|
| 24 |
Robert |
Archives