-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dne 2.12.2015 v 15:30 Stephen Gallagher napsal(a): > > > In accordance with the bundling policy, it *is* carrying a virtual > Provides to allow us to identify whether it is affected by discovered > CVEs. > This brings me to interesting question, how to actually know that one should be looking for some bundled library? I don't think this was ever addressed, but I believe it'd be useful to have some page where we can see what is bundled and where is it bundled. I don't think that "repoquery" is the answer, since this does not give good enough overview nor statistics, etc. Vít -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWXwRVAAoJEAzgnueZF7h8NdYP/R7S39kRo6tEWWs9+VKsH1DC PLZlBcToBluRpQ4rmcvsOG1g+yqOM2HeJZUeMVZzjRHgpvmec3Ywzt+UOC+JIFhp XltOUqeHLbKYSkvqdyLx5EXL4rk74agpnIh870zhbxARWIW8ObeMQ1vKF+xH7mNM +wickQbjZBCHnk9BMfBNBDjpMcqrOGkMS6P6+pfpuWguYBhcN1KZTg5lMAt9bBg+ C5EiJE20Tg4OiOy0jzi0KwaE0STDiH8YOGPQ39DFrCLwKItfYXufNzmC3nOGY9iY PN/zshyCgSSwLuxRYZUYm7hu7cJNTcqBfdWGGzgAL3FsqBi0xWjn+shTkGTYKEUP rk7dbRy01lifthZKTUG+ApZX6Z1pW1cjTZrAUVF96CW+3JUSVSEX4yKQIU6IHHyT Zl1lKF/Vv3dhChp96407U8Lv3OH5ex510smPfNCASTVCzNqUKgg9CBpRgjmxnOd+ dV1rqz4hN5jBulWFF8Qzzp7T6/C9Tx2BOMtUsI9DuxiDjtZcu49Djxvj1jxdfA1C a4Hr5lX6awSjCSyPJhWSH6QGSVhgFFlreQ4o8dBt35wZiCOZhL5eFVVaAM39BWgd 92RgLC9+Sa5qoUbpBcSBPW95g3myXiDjFU0NE0gIyarMR7MOcMzHb3NgZZX/9ri3 E2HW7ONwlvGSRUwXRzkD =pVz1 -----END PGP SIGNATURE----- -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
