On Thu, 9 Apr 2020 20:06:33 +0200, Markus Koschany wrote:
> So when the quint essential message is, it is a matter of opinion and a
> special form of verification is not mandated by Policy, then why don't
> you work closer with the member of this team and help him to implement
> the standard
Am 09.04.20 um 15:18 schrieb Stephen Kitt:
> Le 09/04/2020 14:47, Markus Koschany a écrit :
>> Am 09.04.20 um 13:58 schrieb Stephen Kitt:
>>> Le 09/04/2020 13:44, Markus Koschany a écrit :
Am 09.04.20 um 13:24 schrieb Stephen Kitt:
> On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany
Le 09/04/2020 14:47, Markus Koschany a écrit :
Am 09.04.20 um 13:58 schrieb Stephen Kitt:
Le 09/04/2020 13:44, Markus Koschany a écrit :
Am 09.04.20 um 13:24 schrieb Stephen Kitt:
On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany
wrote:
Am 09.04.20 um 11:36 schrieb Ivo De Decker:
[...]
Le 09/04/2020 15:18, Stephen Kitt a écrit :
[...]
When a user installs a package in Debian, there’s a reasonable
expectation that the user will get when the maintainer intended. Even
Sorry, *what* the maintainer intended.
[...]
Am 09.04.20 um 13:58 schrieb Stephen Kitt:
> Le 09/04/2020 13:44, Markus Koschany a écrit :
>> Am 09.04.20 um 13:24 schrieb Stephen Kitt:
>>> On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany
>>> wrote:
Am 09.04.20 um 11:36 schrieb Ivo De Decker:
> It seems runescape downloads a binary
Le 09/04/2020 13:44, Markus Koschany a écrit :
Am 09.04.20 um 13:24 schrieb Stephen Kitt:
On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany
wrote:
Am 09.04.20 um 11:36 schrieb Ivo De Decker:
It seems runescape downloads a binary and runs it, without verifying
its
integrity. At least the
Am 09.04.20 um 13:24 schrieb Stephen Kitt:
> On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany wrote:
>> Am 09.04.20 um 11:36 schrieb Ivo De Decker:
>>> It seems runescape downloads a binary and runs it, without verifying its
>>> integrity. At least the download happens using https, but no
On Thu, 09 Apr 2020 at 12:37:03 +0200, Markus Koschany wrote:
> Am 09.04.20 um 11:36 schrieb Ivo De Decker:
> > It seems runescape downloads a binary and runs it, without verifying its
> > integrity. At least the download happens using https, but no other
> > verification is done.
>
> Could you
On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany wrote:
> Am 09.04.20 um 11:36 schrieb Ivo De Decker:
> > It seems runescape downloads a binary and runs it, without verifying its
> > integrity. At least the download happens using https, but no other
> > verification is done.
>
> Could you
Control: tags -1 moreinfo
Am 09.04.20 um 11:36 schrieb Ivo De Decker:
> package: runescape
> severity: serious
>
> Hi,
>
> It seems runescape downloads a binary and runs it, without verifying its
> integrity. At least the download happens using https, but no other
> verification is done.
Could
Processing control commands:
> tags -1 moreinfo
Bug #956276 [runescape] runescape: downloads unverified binary and runs it
Added tag(s) moreinfo.
--
956276: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956276
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
package: runescape
severity: serious
Hi,
It seems runescape downloads a binary and runs it, without verifying its
integrity. At least the download happens using https, but no other
verification is done.
Cheers,
Ivo
12 matches
Mail list logo