Re: Updating 'Release' with packaged Security Fixes

[mailbox]

>... there are file sets for -stable releases available

>www.openbsd-stable.org. It's not an official part of

>OpenBSD, so it's up to you to trust those files or not.

Thank you for pointing me to this option.

I understand from Marco Peereboom's reply that

they are open for additional help in this matter.

Wouldn't this be the kind of contribution he

encouraged regarding the question of keeping

"Release" up to date with "Security Fixes"?

You addressed the trust issue. 

This question also came to my mind at reading

Marco's reply. On the one hand there is a shortage

of programmer hours at the OpenBSD project.

On the other hand there would be a need to review

the contribution from a new participant by a trusted

project member for some time.

As the compilations from openbsd-stable.org are

currently not part of an official 'between releases' 

update path what would be the preferred form and

extent of such contributions?

Updating 'Release' with packaged Security Fixes

[mailbox]

Are there considerations to push the very few changes marked as 'Security
Fixes'
into the 'Release' branch between releases?

So that a 'Release' user could do a pgk_add -u fixed.tgz to get the fixed
version
of the package.

This would benefit users who like to have the 2 or 3 'Security Fixes'
covered 
without the need to apply patches by hand or working with the Patch
branch.