On 2/23/23 8:04 PM, Michael Catanzaro wrote:
On Fri, Feb 24 2023 at 12:00:40 AM +0100, Björn Persson
<Bjorn@xxxxxxxxxxxxxxxxxxxx> wrote:
There are also other dangers with installing only security fixes. If a
bugfix is released and packaged, and later it's discovered that the bug
had security implications, then no security update will be made because
the fix is already packaged. It might be possible to set a security
flag on the update after the fact, but nobody will bother with that.
I would therefore advise against using --security. If one can't install
all the updates continuously, then one should use a more stable
distribution than Fedora.
tbh I'd go so far as to propose that this functionality should not be
reimplemented in dnf5 at all.
Does DNF on RHEL for example do something different when --security is
involved? Because the RHEL documentation talks about it as a feature to
use. Is a lack of metadata for previous updates the problem or the
implementation?
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue