On Friday, January 21, 2022 1:33:07 PM EST Adam Borowski wrote: > On Fri, Jan 21, 2022 at 01:28:54PM -0500, Scott Kitterman wrote: > > 2. New binary package "steals" binary from another source. This is > > sometimes OK. Sometimes it's accidental. It could also be malicious (I > > don't remember if I've every actually seen this done for an intentional > > "steal" or not, I might have). > > Stealing a binary does not go through NEW. It does. Binary is new to that source so there is no existing override. Scott K
Attachment:
signature.asc
Description: This is a digitally signed message part.