On Tue, 2011-07-26 at 17:22 +0100, Karanbir Singh wrote: > sure, but you need to take this upstream to get attention. This has happened as I mentioned earlier. > I just dont > see this as an important enough issue to fix within centos here. No such suggestion was made. We all know CentOS behaves like upstream and the fix will probably trickle down soon enough. > Expecting valid metadata should be a reasonable assumption. No. Programmes that crash on bad input are vectors for exploits. Even if it's unlikely someone would put an untrustworthy repo in his config yum shouldn't segfault on bad data. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research