Hi, You might have seen the discussion on labeling security related updates; Jürgen and I have also create a CVSTrac report which looks for the word 'security' in the commit message and lists those [1]. I'd like to suggest the following format for such changes: [security] <portname>: <text> <url> url should point to the advisory or vulnerability decription. Example: "[security] gdk-pixbuf: security update http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:095" This way, they should be easy to spot in the timeline and reliable to find using our report. How does this sound? We might also do something similar if we have to do a binary incompatible change inbetween releases, but I guess we can discuss this later. Kind regards, Johannes 1 http://clc.morpheus.net:6999/clc/rptview?rn=11 -- Johannes Winkelmann mailto:jw@tks6.net Bern, Switzerland http://jw.tks6.net