Quote:
Originally Posted by jggimi
If you note an application of interest to you has had CVEs that have been resolved but there has not been an updated port posted to the ports@ mailing list, you are welcome to contact the maintainer. [1] The maintainer may not be aware of the update. If there is no maintainer, you are welcome to develop the appropriate port update and submit a patch set to the mailing list for consideration.
|
This is not how it works "Linux side". Debian and other Linux distributions do not differentiate between a "base system" and 3rd party software, so users expect a ready to go system complete with binary packages with latest security patches as standard. Many 'ex Linux people' just expect that OpenBSD will be much the same. As Linux is so poorly documented, just reading documentation before making assumptions or posting questions on web forums can be an alien concept (this is not knocking the OP, just an observation).