Imagine: Foo 1.2.3 that
was current at the time of FreeBSD 6.0 release gets a severe vuln after
some time. Some admins upgrade to the latest and greatest Foo 1.2.9,
others to Foo 1.2.7 (probably with not recently updated ports tree)...


If 1.2.7 is secure, there is no problem. If 1.2.7 is not, portaudit will not let you upgrade. It seems to me, you need to familiarize yourself first with the mechanisms in place already, before shooting it.

Scrolling a couple of pages backwards, you suddenly realize that it was I who first mentioned the role of portaudit in maintaining the security info in this "thread". Never mind.

There _might_ be a problem if one always upgrades to a newer release, this way or another, right on the production machine. The whole point of security updates is making users' lives easier. You upgrade, you want the software-OS bundle to behave, feel and touch _exactly_ the same way it did before. Once again, FreeBSD already _does_ that to the base system.
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
