Am 02.10.2014 um 09:14 schrieb Tomasz Torcz: > On Thu, Oct 02, 2014 at 08:33:23AM +0200, Lennart Poettering wrote: >> since you have two packages to look after (Yes, by adding dash to the >> default stack you just put the extra burden on Fedora to quickly >> update two packages instead of just one in case of a security > > Only if bash and dash share exactly the same security problems. > Which seems unlikely. wrong - each can have each *own* security problems and you are affected by the total summary of both because they attacker can chose or try both
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
