| 1 |
On 4/22/20 2:24 PM, Consus wrote: |
| 2 |
> On Wed, Apr 22, 2020 at 02:19:19PM -0400, Michael Orlitzky wrote: |
| 3 |
>> How do you plan to update all of your programs when there's a security |
| 4 |
>> vulnerability in, say, OpenSSL? |
| 5 |
> |
| 6 |
> emerge -1 @world of course :D |
| 7 |
> |
| 8 |
> By the way, Rust does support dynamic linking (to a degree), but does |
| 9 |
> not have (yet, I pray) stable ABI. So what's current Gentoo team |
| 10 |
> consensus on security updates? Will there be Cargo.lock metadata that |
| 11 |
> will allows portage to automatically rebuild against newer library |
| 12 |
> versions? |
| 13 |
> |
| 14 |
|
| 15 |
Rust packages get no security updates. Neither do Go packages. That's |
| 16 |
what I'm screaming about in those threads on gentoo-dev that you singled |
| 17 |
out in your original post =) |
Archives