Hi Chris,

The part about the possible downgrade attack on get-upstream-version.pl seems
worth addressing. The rest is quite vague to me, or applicable to the entire
Debian repository, or already covered in the package. Or am I overlooking
something essential here ?

Regards,

Bart Martens


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to