On 2/23/23 18:00, Björn Persson wrote: > Gordon Messmer wrote: >> Contrary-wise: Because Fedora updates only contains the latest built, >> once a build marked as a security fix is obsoleted by another build, >> there is no longer any indication that a security issue existed in any >> version, at which point "dnf update --security" no longer works. > > There are also other dangers with installing only security fixes. If a > bugfix is released and packaged, and later it's discovered that the bug > had security implications, then no security update will be made because > the fix is already packaged. It might be possible to set a security > flag on the update after the fact, but nobody will bother with that. > > I would therefore advise against using --security. If one can't install > all the updates continuously, then one should use a more stable > distribution than Fedora. > > Björn Persson I actually use --security for the *opposite* purpose: to get security updates from updates-testing. Only problem I can remember having is broken syntax highlighting from a somewhat recent vim update. -- Sincerely, Demi Marie Obenour (she/her/hers) _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
