How often are official packages upgraded?

rainer_d

Hi,

I noticed that the haproxy package is a bit out of date.
How often are packages updated?
What branch of FreeBSD ports is followed?

For my FreeBSD servers, I run my own repository. We don't use pfSense, yet (but I have a use-case for it that hopefully works out).
Currently, I only see us using maybe a handful of packages. I'm not sure if I want to go all the way maintaining my own repo just for them.

PiBa

Hi Rainer,
It seems to me it depends a lot on how active a package is maintained, or if some mayor openssl leak is found and ESF decides to compile all packages again. Also a huge bit of randomness..

For haproxy which i kinda 'maintain' i have not seen a 'need' to upgrade to a newer version just yet.. Probably when the next version gets released i will ask for a new compilation run a few weeks later so i 'know' it to be clear of new big bugs by then (otherwise a newer release would come rather fast).. as it will then contain some new DHE cipher group stuff which supposedly is good for security (i dont understand the internals.. read the haproxy mailinglist for those..).

rainer_d

Thanks.
I do read the list but the logjam stuff didn't interest me that much, I admit.
I currently terminate SSL with NGINX, mostly

cmb

@PiBa:

It seems to me it depends a lot on how active a package is maintained

That's the bulk of the answer there. Also depends on what necessitated the update in the package itself. Updates for security reasons get updated packages quickly. Outside of that, "it depends", primarily on who's the maintainer. Sometimes a package being outdated means it's abandoned, but in other cases like haproxy as PiBa mentioned, it's more a factor of "it ain't broke, don't fix it."