Am 11.09.2015 um 15:43 schrieb Zdenek Kabelac:
Dne 11.9.2015 v 15:39 Reindl Harald napsal(a):Am 11.09.2015 um 15:27 schrieb Zdenek Kabelac:Dne 11.9.2015 v 15:22 Eric Griffith napsal(a):On Sep 11, 2015 9:03 AM, "Zdenek Kabelac" <zkabe...@redhat.com <mailto:zkabe...@redhat.com>> wrote: > > Dne 11.9.2015 v 14:46 Germano Massullo napsal(a): > > Fault #1 > (I've already complained that usage of rawhide & rpmfusion is getting silly) > > How is the usage getting silly? *genuinely confused* Id love for Fedora to have everything in the repos (A la Arch) but for legal and philosophical reasons it's not possible.My complain here is about packaging libraries. And just because a library has been upgraded from version .so.2 to version .so.4 and you can't have both (as the new one replaces old one by Fedora policy) - you cannot normally use rpmfusion.the whole point of a *shared library* is to have single versions of libraries and not 10 versions you need to seek if they are affacted from wahtever security relevant bug, in many cases it will be impossible to answer that question and no, backporting of fixes is not the solution, ignoring manpower here, how often do you think developers are fixing some bug and even not realize it was security relevant and so no CVE is assigned not long ago glibc was affactd by such a caseThe best part is - the library itself is mostly useless - but because of packaging policy - if you want to use rpmfusion - you have to basically build lib-compat-like (Fedora way) libraries yourself - that's what I call silly....no, rpmfusion just need to cope with rawhide changes and rebuild as Fedora doesWe are not solving here 'ideal' word where every one has tons of free time and could rebuild everything all day&night.
don't tell me rpmfusion could not easily make that fully automated
This Fedora plan simply puts too much work at everyone's hands. Sure - people who care about safety might have some option - like I always want to have ONLY the latest lib - and drop everything else, but there are still lot of users who could live with older libs quite happilly (and especially in the case they do not use the library in question AT ALL - which is the maint point here)
you said "every one has tons of free time" - well - and who would maintain the dozen of versions of libraries packages?
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
