[Fedora-packaging] Proposal to reduce anti-bundling requirements
Reindl Harald
h.reindl at thelounge.net
Thu Sep 10 19:01:41 UTC 2015
Am 10.09.2015 um 20:37 schrieb Matthew Miller:
> On Thu, Sep 10, 2015 at 07:48:22PM +0200, Reindl Harald wrote:
>> if i would want a operating system where i have no idea after
>> security updates for a library if *all* applications are fixed i
>> could just have gone to Apple OSX or stayed at Windows
>
> Unbundling is one approach to that problem. It doesn't mean that it's
> the only one
but the most important one
if you have to wait for every single maintainer or even upstream until
they recognize they are affected and need to rebuild likely the next
vulerability is already discovered
and that not speaking about still existing cross-deps suddenly loading
(or try to do so) multiple versions of the same library
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150910/efa405d2/attachment.sig>
More information about the devel
mailing list