diff options
Diffstat (limited to 'doc/pkgsrc-2013Q4')
-rw-r--r-- | doc/pkgsrc-2013Q4 | 141 |
1 files changed, 141 insertions, 0 deletions
diff --git a/doc/pkgsrc-2013Q4 b/doc/pkgsrc-2013Q4 new file mode 100644 index 00000000000..4db0968eae5 --- /dev/null +++ b/doc/pkgsrc-2013Q4 @@ -0,0 +1,141 @@ +pkgsrc-2013Q4 +============= + +The pkgsrc team is proud to announce the availability of the +pkgsrc-2013Q4 branch. There are many new packages, and some bug fixes. + +Numbers of Packages +=================== +In pkgsrc, there are: + +13472 total packages for NetBSD-current/amd64 +13049 binary packages built with clang for NetBSD-current/amd64 +11298 binary packages built with gcc for Joyent's SmartOS/i386 +11249 binary packages built with gcc for Joyent's SmartOS/amd64 +10111 binary packages built with gcc for Darwin 10.8.0/i386 (OS X) +9324 binary packages built with gcc for FreeBSD 9.1/amd64 + +279 packages have been added this quarter +3 packages have been renamed this quarter +45 packages have been removed this quarter +1380 packages have been updated this quarter + +These numbers may not compare exactly to other (binary) packaging +systems; some packaging systems split large packages like boost up +into multiple packages, while others keep unused and unbuildable +packages. + +Pkgsrc Release Schedule +======================= +The pkgsrc developers make a new release every three months. We +believe that this is a sweet spot between too many updates, and +keeping abreast of issues like security vulnerabilities. Pkgsrc is +not tied to any one operating system or architecture, which gives us +the ability to decouple the releases from any operating system +releases, and to concentrate on the packages themselves. + +Package Additions +================= +We would like to emphasize the new libreoffice4, qt5, and +SUSE-13.1-based Linux emulation support packages. + +Package of the Month +==================== + +Hubert Feyrer nominated Ansible, for automating system setup and +configuration tasks with interfaces to many subsystems that can be +combined, e.g. software installation (pkgin!), user and database +management, Amazon's AWS cloud services. The package was recently +updated to match the latest Ansible release 1.4.1. + +Pkgsrc-security +=============== +One neat feature of pkgsrc is its ability to sort package versions +based on the version numbers. It's used in audit-packages, to report +on any installed packages which may have security vulnerabilities in +them. pkgsrc-security@pkgsrc.org maintains lists of vulnerable +packages, along with reference URLs relating to the exposure. We +thank OBATA Akio, Daniel Horecki, Guillaume Lasmayous, and Tim +Zingelman for their hard work. Sample output from audit-packages is +shown below: + +% audit-packages +Package bash-4.2nb1 has a buffer-overflow vulnerability, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410 +% + +Getting pkgsrc +============== +More information can be found in + http://www.netbsd.org/docs/pkgsrc/getting.html + +tar files for pkgsrc, along with checksums, can be found at + http://ftp.netbsd.org/pub/pkgsrc/pkgsrc-2013Q4/ + +and anonymous cvs can be used: + cvs -z3 -q -d anoncvs@anoncvs.NetBSD.org:/cvsroot checkout -r pkgsrc-2013Q4 -P pkgsrc + +About pkgsrc +============ +pkgsrc is a cross-platform packaging system. It allows people to +download sources and to build and install binary packages on one or +more platforms. + +Building packages from source is useful for a number of reasons: + ++ not only is the provenance of source code checked (by using multiple +checksums), with pkgsrc, the version of source code you are working +with is the same that other developers and users have. + ++ patches are maintained in a central repository, and, again, are +checked at patch application time by using digests. The patches +which are applied to the sources being built are the same ones which +are known to be used and proved by other pkgsrc users (not necessarily +on the same platform). + ++ by building from source, all doubts about compilers, build practices, +source code cleanliness, and packaging differences are removed. +Digital signatures of binary packages, while useful in themselves, +only prove certain aspects of binary package provenance. (pkgsrc has +had signed packages since 2001.) + ++ it may be difficult or impossible to find a pre-built package for +the operating system or architecture. + ++ a pre-built package may have further or conflicting pre-requisites, +which are themselves difficult to find or build. By building everything, +including pre-requisites, a from-source packaging system can ensure +that pre-requisites are present and integrated. + +At the present time, pkgsrc supports 21 platforms: + + AIX + BSDOS + Cygwin + Darwin/Mac OS X + DragonFly + FreeBSD + FreeMiNT + GNU/kFreeBSD + HPUX + Haiku + IRIX + Interix/SFU/SUA + Linux + Minix3 + MirBSD + NetBSD + OSF1 + OpenBSD + QNX + Solaris/illumos + UnixWare + +Complete dependency and pre-requisite package information is held and +used by the package management software - if packages rely on other +packages to function properly, that pre-requisite will be built, +installed and managed as part of the package installation process. +Binary packages can be managed using pkgin. + +Thomas Klausner +On behalf of the pkgsrc developers +Tue Dec 31 11:26:48 CET 2013 |