On Wed, 2008-11-19 at 10:08 +0100, Kevin Kofler wrote: > > To solve 1., the metadata would have to carry the information for the > security update even after it is obsoleted, and yum-security would have to > understand that if foo-1.2.3 is a security update, the currently installed > package is foo-1.2.2 and the current version in the repo is the bugfix > update foo-1.2.4, it should install foo-1.2.4. Or alternatively, the latest > security (or "bugfix for security", see above) update would have to be > carried in the repos in addition to the latest overall. Another way to solve 1 is to assign unique IDs to security issues (I think we do that already) and have a perpetual list per package of security issues that the packages resolve, regardless of the current update reason. This way the security plugin could check to see if the version of the package they have already resolves the listed issues, and if it doesn't, pull down whatever is there. If it does, ignore the update. -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
