poppler, security updates in general...

Daniel J. Luke dluke at geeklair.net
Wed Jan 10 03:20:01 UTC 2018


On Jan 9, 2018, at 12:27 PM, Perry E. Metzger <perry at piermont.com> wrote:
> Am I correct in assuming that as things stand, we mostly depend on
> port owners to track security updates on behalf of the project and
> that there isn't a security officer or any such thing? (Not
> complaining, just seeking clarification.)

Yes.

Unless/until someone volunteers as security officer. Way back when we first instituted the regular vs. openmaintainer policy we decided that security updates fall in the 'anyone with commit access can push them' category - so in theory any committer can/should update any port that has a security update.

-- 
Daniel J. Luke





More information about the macports-dev mailing list