[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Discarding uploaded binary packages

I know this subject has been discussed on and off in the past, but
there's new evidence that it's simply the right thing to do.

Due to changes in upstream's build system, isc-dhcp recently started
including build system paths in dhclient's search path.  This got a
security identifier, and we've fixed it, but really the only
architecture affected was the one I built and uploaded.  All of the
packages built on the buildds were not since the PATH was something in
/build vs. a home dir.  Also, Ubuntu was not affected since all of
their packages go through their buildds.  Details in:

Anyway, all of these build system path sanitization issues can be
eliminated by using the buildds for all architectures, since paths
will start with at least /build that requires root-level action to
exist on users' systems.

So, are we ready to do this?

Best wishes,

Reply to: