Re: leaks in our only-signed-software fortress

To: debian-devel@lists.debian.org
Subject: Re: leaks in our only-signed-software fortress
From: Jakub Wilk <jwilk@debian.org>
Date: Sat, 18 Feb 2012 15:18:58 +0100
Message-id: <[🔎] 20120218141858.GA5960@jwilk.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 8762f4cmh1.fsf@deep-thought.43-1.org>
References: <[🔎] 0763775752c72b696283491568e04907@scientia.net> <[🔎] 20120218113214.GA2013@jwilk.net> <[🔎] 8762f4cmh1.fsf@deep-thought.43-1.org>

* Ansgar Burchardt <ansgar@debian.org>, 2012-02-18, 14:14:

Could you point us to those which were ignored or denied?

At least pbuilder still disables secure APT by default, see #579028.


The bug is closed. Am I missing something?

But anyway, this is saddening. Hundreds (? - wild guess) of developershave been building their packages in insecure environment, yet pbuildermaintainer and a member of Security Team believe that it was a feature,not a bug. :|


--
Jakub Wilk

Reply to:

Follow-Ups:
- Re: leaks in our only-signed-software fortress
  - From: Ansgar Burchardt <ansgar@debian.org>
- Re: leaks in our only-signed-software fortress
  - From: Christoph Anton Mitterer <calestyo@scientia.net>

References:
- leaks in our only-signed-software fortress
  - From: Christoph Anton Mitterer <calestyo@scientia.net>
- Re: leaks in our only-signed-software fortress
  - From: Jakub Wilk <jwilk@debian.org>
- Re: leaks in our only-signed-software fortress
  - From: Ansgar Burchardt <ansgar@debian.org>

Prev by Date: Teams in changelog trailers
Next by Date: Re: leaks in our only-signed-software fortress
Previous by thread: Re: leaks in our only-signed-software fortress
Next by thread: Re: leaks in our only-signed-software fortress
Index(es):
- Date
- Thread