On Sun, Mar 29, 2009 at 02:45:11PM -0700, dt...@drizzle.com wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Aaron W. Hsu wrote:
>
>> but if you are really concerned about security, pretty much your only
>> hope is to either run -CURRENT or track the security updates and
>> backport them yourself.
>
> And then adds:
>
>> My advice to you would be to just follow -STABLE.
>
> So, it follows that your advice would be to not be really concerned
> about security?
>
> Most people who use OpenBSD are probably doing so at least in part
> because they are very concerned about security. Doesn't that make this
> disconnect curious, to say the least?
>
> This thread doesn't inspire any more confidence in -stable ports than I
> have gained from the documentation, which has led me to conclude that I
> should generally compile and manage my own software on OpenBSD. A
> "stable" branch is generally understood to mean "critical security
> patches only", not "unmaintained" ...
>

please note that while security fixes or 'errata' are backported to the
current stable release, this applies to the operating system, OpenBSD
itself. it does not apply to the ports, which are not part of the
operating system. (there is the odd exception to that last rule)

you may wish to check the following:

http://openbsd.org/faq/faq5.html#Flavors

for a thorough explanation of that system, and:

http://openbsd.org/faq/faq15.html#PkgFAQ

for a nice FAQ which covers some of, if not all of, your questions.

regards,
-ryan