[CentOS-devel] Source code missing, and insecure delivery pages linked
Peter Meier
peter.meier at immerda.chTue Feb 9 21:45:07 UTC 2021
- Previous message: [CentOS-devel] Source code missing, and insecure delivery pages linked
- Next message: [CentOS-devel] Source code missing, and insecure delivery pages linked
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> The issue is that someone doing a man in the middle attack over http > could serve an old version of the mirrors and have properly signed > versions of everything with known vulnerabilities. Exactly, this is the main (and valid!) concern for serving things over plain http. Thus should be addressed. But as we learned through that thread, none of that actually attributes to the other claims initially made, since they all have been debunked to be wrong. ~pete
- Previous message: [CentOS-devel] Source code missing, and insecure delivery pages linked
- Next message: [CentOS-devel] Source code missing, and insecure delivery pages linked
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list