pkgsrc-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: ANN: Availability of pkg(8)-capable pkgsrc
On 13 November 2016 at 00:18, John Marino <netbsd%marino.st@localhost> wrote:
>> What it boils down to is this change potentially means the
>> pkgsrc-security@ team has to change how they perform their role and
>> you're calling it when you're not going to be the one having to sift
>> through the mess of advisories to fish out information before
>> embarking on some XML.
>
>
> How have you come to this conclusion?
> Did I state that pkgsrc-security team has to do anything different?
> A cron script downloads the pkgsrc vulnerability database and converts it to
> an xml format every 6 hours. Nobody has to do anything. Why is this a
> problem?
That's not a problem for me. I apologies.
> The only thing I could ask the security team is to keep using ranges and not
> regex.
Do you have an example entry of what you mean?
>> Do we not get a say in this?
>>
>> That's why I'm raising the point about "duplication", why am I copying
>> the same information out from one place & adding it in to another If
>> we're not adding anything? why not direct the user to the original
>> source and get out of the way.
>
>
> This is incorrect. The original vulnerability database is not downloaded
> anymore. That functionality part of the "pkg" format.
>
> I am not sure how to say this any other way: *You* are not "copying the same
> information". *You* are not adding it anywhere.
Ok
Sevan
Home |
Main Index |
Thread Index |
Old Index