package, package2, package3 naming-with-version exploit
Nico Kadel-Garcia
nkadel at gmail.com
Thu Mar 28 13:28:27 UTC 2013
Don't forget autoconf, gcc, Samba, Tomcat, and other critical system tools.
Nico Kadel-Garcia
Email: nkadel at gmail.com
Sent from iPhone
On Mar 28, 2013, at 8:31, Stephen Gallagher <sgallagh at redhat.com> wrote:
>
> It's not just Ruby that has these issues, though. To take a python
> example: Django. Most Django packages are built against a specific
> minor version of Django, and the Django upstream regularly breaks
> backwards compatibility with those minor releases.
>
> It ends up requiring Fedora to carry multiple copies of python-django
> in the repo, usually versioning the older ones (so in the current
> situation, we have python-django and python-django14, with
> python-django referring to Django 1.5)
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.13 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlFUOBoACgkQeiVVYja6o6OZGACfcRr2jl7WhhOFlrjK/zX5yHsZ
> a8UAn1V0FdOQmQGI3d7G3J7lSqZs0ywn
> =Gov+
> -----END PGP SIGNATURE-----
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
More information about the devel
mailing list