Robert Scheck wrote:
Very good question. When asking, I didn't get a real answer. Sometimes, a
public proof of concept exists already. Maybe the intention is, that if
they make the security issue public, the vendors had time to put updated
packages into their systems. Luckily, that doesn't happen all the time, but
only sometimes. If you click through my phpMyAdmin updates, you will find
some bug reports referencing "not yet clearly specified security issue" or
similar things. Much more can a packager not do, I would guess.
Maybe you can take this up to
http://lists.freedesktop.org/mailman/listinfo/distributions
Collectively apply some pressure to upstream or atleast find good
consistent workarounds.
Rahul
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
