On Mon, Jun 21, 2010 at 10:53 PM, Dan McGee dpmc...@gmail.com wrote:
On Mon, Jun 21, 2010 at 10:27 PM, C Anthony Risinger anth...@extof.me wrote:
On Mon, Jun 21, 2010 at 10:16 PM, Allan McRae al...@archlinux.org wrote:
On 22/06/10 12:07, C Anthony Risinger wrote:
my point of this ramble if
On 22/06/10 15:59, C Anthony Risinger wrote:
On Mon, Jun 21, 2010 at 10:53 PM, Dan McGeedpmc...@gmail.com wrote:
On Mon, Jun 21, 2010 at 10:27 PM, C Anthony Risingeranth...@extof.me wrote:
On Mon, Jun 21, 2010 at 10:16 PM, Allan McRaeal...@archlinux.org wrote:
On 22/06/10 12:07, C Anthony
2010/6/21 Ng Oon-Ee ngoo...@gmail.com:
I'd still like to know how this replaces/conflicts with Arch policy for
'as upstream as possible'. I'm aware that just starting out the answer
may just be we don't know yet, but for me one of the benefits of Arch
is that all packages are close to upstream
Excerpts from Andres P's message of 2010-06-22 01:53:20 +0200:
On Mon, Jun 21, 2010 at 7:17 PM, C Anthony Risinger anth...@extof.me wrote:
He said from git/svn... ie backporting, not contributing.
...?
Once they're in svn they're confined to abs? Besides, it's not like there's
anything
On Tue, 22 Jun 2010 13:16:23 +1000
Allan McRae al...@archlinux.org wrote:
The point is that the developers around here already patch for
security issues. The only change that I think that a security team
will achieve is to notify me (as a developer) of issues that I have
overlooked on the
On Tue, Jun 22, 2010 at 4:26 AM, Philipp Überbacher
hollun...@lavabit.com wrote:
Sure, like any dev will be going through every possible bug tracker,
repo or ask any possible user to find patches for his app.
Don't be ridiculous. If you write a patch that's not distro specific,
then it's your
On Tue, Jun 22, 2010 at 10:37 AM, Andres P aep...@gmail.com wrote:
On Tue, Jun 22, 2010 at 4:26 AM, Philipp Überbacher
hollun...@lavabit.com wrote:
Sure, like any dev will be going through every possible bug tracker,
repo or ask any possible user to find patches for his app.
Don't be
On Tue, Jun 22, 2010 at 2:51 PM, C Anthony Risinger anth...@extof.me wrote:
Ok, the beauty of openbsd is that they're running a BIND version that's been
patched to the point of no recognition. They have confidence in their
skills instead of quitting before giving it a shot.
then in my opinion
On 23/06/10 05:21, C Anthony Risinger wrote:
example: SSH 0-day exploit is released. bang! you crack out your
interim PKGBUILD and crack a beer because your safe right? whoops,
because this is a production machine (from a message a couple hours
ago):
On Tue, Jun 22, 2010 at 10:23 AM, Sergey
On Tue, Jun 22, 2010 at 6:49 PM, Allan McRae al...@archlinux.org wrote:
On 23/06/10 05:21, C Anthony Risinger wrote:
example: SSH 0-day exploit is released. bang! you crack out your
interim PKGBUILD and crack a beer because your safe right? whoops,
because this is a production machine (from
On 06/22/10 19:49, Allan McRae wrote:
Also, as established earlier in the thread, some of our packages have
patches for security issues that a a couple of years old because
upstream has not made a new release. So the whole probably be fixed by
upstream in less that a week and a point release
Dear Arch community,
I thought I'd post a follow up on some of the things said in the last
thread I created on this list. I'm using upper case for headings just
to make things easier to read and not to shout! Please post or cc all
follow ups to the Arch General list, and read this message
On Mon, 2010-06-21 at 19:28 +0100, Ananda Samaddar wrote:
5. LONG TERM GOALS
Most Arch stuff starts out as external projects than then merge with
the main distro. If our work turns out to be useful, and I hope it
will be, I would like us to become an official Arch Team. We could
then
On Tue, 22 Jun 2010 07:11:25 +0800
Ng Oon-Ee ngoo...@gmail.com wrote:
I'd still like to know how this replaces/conflicts with Arch policy
for 'as upstream as possible'. I'm aware that just starting out the
answer may just be we don't know yet, but for me one of the
benefits of Arch is that
2010/6/21 Ng Oon-Ee ngoo...@gmail.com:
bugs with upstream, which may not be the case with 5-10 security-patches
from git/svn).
This is just pessimistic outlook. Having patches means that you're actually
contributing upstream instead of leaching the latest ver every 3 weeks.
People need to stop
On Jun 21, 2010, at 6:37 PM, Andres P aep...@gmail.com wrote:
2010/6/21 Ng Oon-Ee ngoo...@gmail.com:
bugs with upstream, which may not be the case with 5-10 security-
patches
from git/svn).
This is just pessimistic outlook. Having patches means that you're
actually
contributing upstream
On Mon, Jun 21, 2010 at 7:17 PM, C Anthony Risinger anth...@extof.me wrote:
He said from git/svn... ie backporting, not contributing.
...?
Once they're in svn they're confined to abs? Besides, it's not like there's
anything keeping upstream from looking at obsd cvs, Debian's bug tracker, nor
On Mon, 2010-06-21 at 18:47 -0500, C Anthony Risinger wrote:
On Jun 21, 2010, at 6:37 PM, Andres P aep...@gmail.com wrote:
2010/6/21 Ng Oon-Ee ngoo...@gmail.com:
bugs with upstream, which may not be the case with 5-10 security-
patches
from git/svn).
This is just pessimistic
On Mon, Jun 21, 2010 at 6:53 PM, Andres P aep...@gmail.com wrote:
On Mon, Jun 21, 2010 at 7:17 PM, C Anthony Risinger anth...@extof.me wrote:
He said from git/svn... ie backporting, not contributing.
...?
Once they're in svn they're confined to abs? Besides, it's not like there's
anything
On 22/06/10 12:07, C Anthony Risinger wrote:
my point of this ramble if there is one, is that personally, i don't
want _anyone_ other than upstream to make security decisions regarding
their software.if Arch started naively backporting stuff based of
the latest alert from XYZ, i wouldn't be
On Mon, Jun 21, 2010 at 10:16 PM, Allan McRae al...@archlinux.org wrote:
On 22/06/10 12:07, C Anthony Risinger wrote:
my point of this ramble if there is one, is that personally, i don't
want _anyone_ other than upstream to make security decisions regarding
their software.if Arch started
On Mon, Jun 21, 2010 at 10:27 PM, C Anthony Risinger anth...@extof.me wrote:
On Mon, Jun 21, 2010 at 10:16 PM, Allan McRae al...@archlinux.org wrote:
On 22/06/10 12:07, C Anthony Risinger wrote:
my point of this ramble if there is one, is that personally, i don't
want _anyone_ other than
22 matches
Mail list logo