[CentOS-devel] yum-plugin-security and shellshock

Karanbir Singh

mail-lists at karan.org
Thu Oct 2 08:32:47 UTC 2014


On 10/01/2014 08:41 PM, Kevin Stange wrote:
> I'll be honest: I don't care about this scenario at all.  My spacewalk
> server would take care of this just by virtue of CentOS having the data
> ever available for these packages and constantly keeping itself current.

But your use case does not represent a sane interface from the project
side - hacking up something that is going to put users at risk is far
worse than communicating that users need to really just apply all updates.

I really don't understand the corner case arguments you make here, Kevin,
you are far smarter than this. Are you just trying to tick a box off and
don't care if that leaves a majority of the userbase exposed by
incorrectly communicated confidence?

The fact that you are actually looking to penalise people who don't run
updates nightly is very dangerous.

-- 
Karanbir Singh
+44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
GnuPG Key : http://www.karan.org/publickey.asc


