Xin Li wrote:
On 7/8/16 12:20, Grzegorz Junka wrote:
The only reason I heard why base isn't updated with the proper package
from ports is because of security implications. Older versions are more
security-tested and therefore safer. If there is a vulnerability in the
base it's much more hassle to update the base than ports.
Not necessarily safer -- for instance on FreeBSD 9.x the base system
OpenSSL is EoL'ed by upstream, and therefore the security fixes are
backported by secteam@ in a case-by-case manner. Generally speaking,
newer code is safer and supports newer standards, and we recommend ALL
users who are still on FreeBSD 9.x to use port version of OpenSSL.
Did that a long time ago when I realised how FreeBSD actually supports
the people using it instead of the developers.. not that it worries me
now, shortly I won't have any FreeBSD hosts.
--
Michelle Sullivan
http://www.mhix.org/
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[email protected]"
