On 08/06/2014 12:32 PM, Eric H. Christensen wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I just did a query of all the packages in EPEL that are currently orphaned and contain
vulnerabilies. I'm wondering if any of them are still useful or if they can be
removed from the repos. Here's the list:
big list deleted
Random thought - have a "remove-insecure-packages" package that obsoletes dead
packages with known vulnerabilities? People could perhaps exclude that
package from yum updates if they really want to keep old stuff around.
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion(a)nwra.com
Boulder, CO 80301
http://www.nwra.com