Robert Scheck wrote:
> In general, I agree with you. Maintainers must and have to put information
> and details into Bodhi when submitting an update. Just "upgrade to xxx" is
> not suitable, yes. But there are exceptions sometimes, e.g. when ClamAV or
> phpMyAdmin upstream goes crazy again and pushes out the fix, tells "this
> is an important security fix, details will follow in the next days or so"
> as this already happend multiple times in the past. Usually then, it is a
> more bigger security issue with remote impacts which has to pass through
> without any stoppers except for or by the Fedora Security team.
diff -Nur foo-old foo-new
and you'll see fairly quickly what they fixed. (And it's also trivial for a
cracker to do that, so it's utterly pointless to try withholding
information that way.)
Kevin Kofler
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
