11.08.2011 22:20, Martin Simmons wrote:
On Wed, 10 Aug 2011 23:20:04 +0300, Volodymyr Kostyrko said:
PS: As far as I understand the main problem is about mirroring correct
player versions. Anyone (even me) can apply for a redistribution rights
and make those files available for download the way we want (the way
each version will have unique url).
Wouldn't that be dangerous, because it would allow easy use of old versions
that contain critical vulnerabilities?
This applies to any vulnerable package like apache or png. We already
have means of dealing with this like ports updating and vuxml.
I'm talking about stability here. Adobe silently shipped another version
and our port become unbuildable because distfile wasn't available
anymore. Making up mirror with archive versions saves us the time when
port wasn't updated yet but we have no directions of retrieving old
verified distfile.
--
Sphinx of black quartz judge my vow.
_______________________________________________
freebsd-emulation@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-emulation
To unsubscribe, send any mail to "freebsd-emulation-unsubscr...@freebsd.org"
