Am 10.09.2015 um 20:37 schrieb Matthew Miller:
On Thu, Sep 10, 2015 at 07:48:22PM +0200, Reindl Harald wrote:if i would want a operating system where i have no idea after security updates for a library if *all* applications are fixed i could just have gone to Apple OSX or stayed at WindowsUnbundling is one approach to that problem. It doesn't mean that it's the only one
but the most important oneif you have to wait for every single maintainer or even upstream until they recognize they are affected and need to rebuild likely the next vulerability is already discovered
and that not speaking about still existing cross-deps suddenly loading (or try to do so) multiple versions of the same library
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
