On Tuesday 16 Mar 2010 2:59:45 am Allan McRae wrote: > > As an aside, I would like to see some numbers on where we could improve > in this area. I have been following the CVE announcements and several > other distros security releases for the past few months and from what I > see, I believe Arch is mostly ahead of the game. Following the latest > upstream releases has its advantages. > > Allan Hi Allan, The major thing we are missing on is: Package signing It there is a need to catch up with other distros on this. Package signing is extremely important to ensure that nobody can tamper the packages. similarly should be way to package's integrity -- Regards, Gaurish Sharma www.gaurishsharma.com
