On Fri, Nov 06, 2015 at 05:53:51PM +0100, Juan Francisco Cantero Hurtado wrote: > On Fri, Nov 06, 2015 at 09:18:09AM +0500, ?????????? ?????????????? wrote: > > On Wed, Nov 04, 2015 at 09:46:27AM +0000, Stuart Henderson wrote: > > > On 2015/11/03 10:38, ?????????? ?????????????? wrote: > > > > On Tue, Nov 03, 2015 at 02:19:51AM +0100, Juan Francisco Cantero > > > > Hurtado wrote: > > > > > On Sun, Nov 01, 2015 at 11:41:21PM +0500, ?????????? ?????????????? > > > > > wrote: > > > > > > Here is output on my system, OpenBSD 5.8, from out-of-date script: > > > > > > > > > > > > databases/postgresql,-server # @libxml-2.9.2p1 -> @libxml-2.9.2p2 > > > > > > devel/quirks # always-update -> quirks-2.114 > > > > > > editors/libreoffice,-main # @libxslt-1.1.28p2 -> > > > > > > @libxslt-1.1.28p3 > > > > > > misc/shared-mime-info # @libxml-2.9.2p1 -> @libxml-2.9.2p2 > > > > > > multimedia/libbluray # @libxml-2.9.2p1 -> @libxml-2.9.2p2 > > > > > > print/cups,-libs # @gnutls-3.3.16 -> @gnutls-3.3.16p0 > > > > > > textproc/raptor # @libxslt-1.1.28p2 -> > > > > > > @libxslt-1.1.28p3 > > > > > > x11/gnome/librsvg # > > > > > > @gdk-pixbuf-2.30.8p1,@libxml-2.9.2p1 -> > > > > > > @gdk-pixbuf-2.30.8p3,@libxml-2.9.2p2 > > > > > > x11/gtk+2,-main # @gdk-pixbuf-2.30.8p1 -> > > > > > > @gdk-pixbuf-2.30.8p3 > > > > > > x11/gtk+3,-guic # @gdk-pixbuf-2.30.8p1 -> > > > > > > @gdk-pixbuf-2.30.8p3 > > > > > > x11/kde/libs3,-main # @libxslt-1.1.28p2 -> > > > > > > @libxslt-1.1.28p3 > > > > > > > > > > > > Am I right, that left column is ports/packages that can be updated; > > > > > > right > > > > > > column is reason why they need to be updated? > > > > > > > > > > Yes. > > > > > > > > > > > Also is it true that in my case I can ignore all this updates > > > > > > because > > > > > > all ports from left column are dynamicaly linked with already > > > > > > updated > > > > > > library from right column? > > > > > > > > > > No. Those ports use the outdated version of the library. > > > > > > > > Can You elaborate, please, I don't understand. E.g. shared-mime-info. > > > > > > > > $ ldd /usr/local/bin/update-mime-database | grep libxml > > > > 00001d0114c00000 00001d011515f000 rlib 0 1 0 > > > > /usr/local/lib/libxml2.so.15.1 > > > > > > > > $ pkg_info | grep libxml > > > > > > > > > > > > libxml-2.9.2p2 XML parsing library > > > > > > > > So libxml already updated. If I understand correctly: if libxml updated > > > > and update-mime-database > > > > _dynamicaly_ linked to it there is no need further intervention, is not > > > > is so? > > > > > > > > Thanks. > > > > > > > > > > Look in e.g. /var/db/pkg/shared-mime-info-1.5/+CONTENTS and you'll > > > see that it records the dependency like this > > > > > > @depend textproc/libxml,-main:libxml-*:libxml-2.9.2p2 > > > ... > > > @wantlib xml2.15.1 > > > > > > out-of-date reports on any packages where the @depend line is out > > > of date compared to the ports tree, even though the shared library > > > itself (noted in the @wantlib line) hasn't changed incompatibly. > > > > I'm sorry for reiterate it over again and thanks for detailed > > clarification. But if I understand it correctly I'am right with my > > example above with update-mime-database? I already have newest > > version libxml installed so de-facto there is no need updating > > update-mime-database in such case? > > You doesn't have the newest version. There is always a good reason to > change the REVISION of a port (look at the pX suffix). In this case, > the version 2.9.2p2 includes two security fixes.
He also has the new version installed. He just have a few packages installed, which were build against the old version. If they use the dynamic library, there's just the new one. > In short, always update your packages. No exception. It's my prefered way too. No need to see if something still may use an older library. Regards, Markus
