[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Pre-approval for apt 0.7.21: "Valid-Until" feature and proxy changes

Adeodato Simó wrote:
> * Eugene V. Lyubimkin [Mon, 05 Jan 2009 23:42:46 +0200]:

Hello Adeodato,
>> ---------------------------------------------------------
>> Change #1 aka "Valid-Until for preventing replay attacks"
>> ---------------------------------------------------------
[change details snipped]
> We'd like to hear from the Security Team what they think of this feature
> as a candidate for Lenny. If they believe it's extremely important that
> we have it in place for Lenny, and they (or somebody delegated by them)
> could do a review of the code and test it, we'd be okay with including it.
> The final debian-installer upload is going to be soon, though, so we'd
> have to seek input from the Debian Installer team as well.
> And there is also the option of including it in the first point release,
> after a month or two of testing in unstable.

>> --------------------------------------------------------
>> Change #2 aka "Stop the mess with proxy settings in APT"
>> --------------------------------------------------------
[change details snipped]
> I'd rather not have this change of behavior this late. It is a nice fix,
> but apt is too much of a central package, that not touching it sounds
> more desirable. Hope that makes sense to you.
Yes, indeed. That's why we asked.

Eugene V. Lyubimkin aka JackYF, JID: jackyf.devel(maildog)gmail.com
Ukrainian C++ developer, Debian Maintainer, APT contributor

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: