Hi Christoph,
On Sonntag, 22. Juni 2014, Christoph Anton Mitterer wrote:
> To be honest, Holger, I don't know why you've asked me to report these
> issues at all, [...]
so they are tracked and easy to be referenced - #752275 is way better than
several message-ids on lists.d.o.
> But now I just
On Sun, 2014-06-22 at 12:27 +0200, Holger Levsen wrote:
> On Sonntag, 22. Juni 2014, Christoph Anton Mitterer wrote:
> > > one or two bug reports might be oh so more useful than posting on -devel.
> > #752275 and #752277
>
> thanks for these!
To be honest, Holger, I don't know why you've asked m
Hi Christoph,
On Sonntag, 22. Juni 2014, Christoph Anton Mitterer wrote:
> > one or two bug reports might be oh so more useful than posting on -devel.
> #752275 and #752277
thanks for these!
cheers,
Holger
signature.asc
Description: This is a digitally signed message part.
On Wed, 2014-06-18 at 13:55 +0200, Jakub Wilk wrote:
> Yes, maintaining packages properly takes time. If packaging new upstream
> releases is too much effort, why bother uploading it to Debian in the
> first place?
Actually, I think everything that tries to circumvent the package
management syst
FYI: On Wed, 2014-06-18 at 12:46 +0200, Holger Levsen wrote:
> one or two bug reports might be oh so more useful than posting on -devel.
#752275 and #752277
Cheers,
Chris.
smime.p7s
Description: S/MIME cryptographic signature
Hey Holger,
On Wed, 2014-06-18 at 12:46 +0200, Holger Levsen wrote:
> > It also doesn't seem to protect against downgrading attacks... (see my
> > previous post about that).
> one or two bug reports might be oh so more useful than posting on -devel.
I will submit tickets for the ones I know (as s
* Holger Levsen , 2014-06-18, 12:46:
usually one should depend on a fixed hash in such downloader
packages... doing it with gpg is securely possible, but much more
complicated.
and then for each update you need to update the launcher package -
thats an aweful lot of work for little / no gain
Hi,
On Mittwoch, 18. Juni 2014, Christoph Anton Mitterer wrote:
> torbrowser-launcher seems to use the keys from the upstream
> developers... basically giving them (who are not DDs) the potential
> power to install _any_ code in the system of Debian users.
fun fact: there's at least one DD among
On Tue, 2014-06-17 at 13:39 +0200, Holger Levsen wrote:
> > Well I guess the reason for flash is rather the license, isn't it?
> no, it's in contrib, because it's a downloader package.
Well sure... but flash itself is not in main for it's license...
> both torbrowser-launcher as well as flashplu
Hi Christoph,
On Montag, 16. Juni 2014, Christoph Anton Mitterer wrote:
> Well I guess the reason for flash is rather the license, isn't it?
no, it's in contrib, because it's a downloader package.
> Anyway... just because something it in contrib/non-free for legal
> reasons... I see no necessit
On Thu, 2014-06-12 at 23:06 +0200, Holger Levsen wrote:
> both flashplugin-nonfree and torbrowser-launcher are (or will be) in contrib
> (and thus not be part of Debian) for exactly those reasons you described.
Well I guess the reason for flash is rather the license, isn't it?
Anyway... just bec
Hi Christoph,
On Donnerstag, 12. Juni 2014, Christoph Anton Mitterer wrote:
[many things]
both flashplugin-nonfree and torbrowser-launcher are (or will be) in contrib
(and thus not be part of Debian) for exactly those reasons you described. And
both rightfully belong to contrib, even though tor
12 matches
Mail list logo