Re: conflicts-based solution (was Re: security in testing)

To: debian-devel@lists.debian.org
Subject: Re: conflicts-based solution (was Re: security in testing)
From: Anthony Towns <aj@azure.humbug.org.au>
Date: Thu, 15 May 2003 13:13:19 +1000
Message-id: <[🔎] 20030515031319.GC19367@azure.humbug.org.au>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20030514231215.GB7786@dragon.kitenet.net>
References: <[🔎] 1F31E8A0-864E-11D7-84D2-003065F97418@leishman.org> <[🔎] 20030514213601.GS13945@alcor.net> <[🔎] 20030514231215.GB7786@dragon.kitenet.net>

On Wed, May 14, 2003 at 07:12:15PM -0400, Joey Hess wrote:
> Take the harden package, or create something similar: a package that
> conflicts with all versions of packages with known security holes.

Why not just /fix/ the holes? Is uploading a package with a well known
patch _really_ that hard?

Cheers,
aj

-- 
Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG signed mail preferred.

  ``Dear Anthony Towns: [...] Congratulations -- 
        you are now certified as a Red Hat Certified Engineer!''

Reply to:

Follow-Ups:
- Re: conflicts-based solution (was Re: security in testing)
  - From: Sven Luther <sven.luther@wanadoo.fr>

References:
- Re: security in testing
  - From: Chris Leishman <chris@leishman.org>
- Re: security in testing
  - From: Matt Zimmerman <mdz@debian.org>
- conflicts-based solution (was Re: security in testing)
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Re: security in testing
Next by Date: Re: security in testing
Previous by thread: Re: conflicts-based solution (was Re: security in testing)
Next by thread: Re: conflicts-based solution (was Re: security in testing)
Index(es):
- Date
- Thread