[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: radical suggestion for fc4 release
- From: Nigel Metheringham <Nigel Metheringham dev intechnology co uk>
- To: arjanv redhat com, Development discussions related to Fedora Core <fedora-devel-list redhat com>
- Cc:
- Subject: Re: radical suggestion for fc4 release
- Date: Tue, 01 Feb 2005 15:28:34 +0000
On Tue, 2005-02-01 at 16:02 +0100, Arjan van de Ven wrote:
> On Tue, 2005-02-01 at 09:50 -0500, Jeff Spaleta wrote:
> > I look forward to building pathological packages that have a requires
> > on a CVE name provides.
>
> fedora-secure-system
>
> could require all the CVE's that are ciritical to be fixed
> yum update fedora-secure-system
> would then only pull security updates down....
This sort of requires a way to handle packages that you don't install -
for example package flurble needs an empty package not-flurble (which
conflicts with flurble) so that when CAN-9999-999 is issued for flurble,
which then means fedora-secure-system now requires CAN-9999-999, a new
empty not-flurble can also provide the CVE name.
The alternative is that following a CVE issue everyone's box gets a
(hopefully fixed) version of the vulnerable package even if they were
not running in previously.
This makes my head hurt.
Nigel.
--
[ Nigel Metheringham Nigel Metheringham InTechnology co uk ]
[ - Comments in this message are my own and not ITO opinion/policy - ]
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]