Re: conflicts-based solution (was Re: security in testing)
On Wed, May 14, 2003 at 07:12:15PM -0400, Joey Hess wrote:
> Take the harden package, or create something similar: a package that
> conflicts with all versions of packages with known security holes.
Why not just /fix/ the holes? Is uploading a package with a well known
patch _really_ that hard?
Cheers,
aj
--
Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG signed mail preferred.
``Dear Anthony Towns: [...] Congratulations --
you are now certified as a Red Hat Certified Engineer!''
Reply to: