gross DNF bandwidth inefficiency if filesystem space limited
Kevin Kofler
kevin.kofler at chello.at
Mon Aug 3 03:53:15 UTC 2015
Kevin Fenzi wrote:
> * There could be some nasty issues with keeping known vulnerable/broken
> packages around. ie, foo-1.0 has a severe security bug, foo-1.1 fixes
> it. You now just need to trick someone into downgrading or directly
> installing foo-1.0 (which is in normal repos and signed and
> completely valid looking).
But there are plenty of even older packages in the GA repository, also
signed with the same key.
Kevin Kofler
More information about the devel
mailing list