On Thu, 2019-08-15 at 09:50 -0400, Gerald Henriksen wrote:
> On Wed, 14 Aug 2019 11:23:53 -0500, you wrote:
>
> > So in summary, I guess I mostly support allowing packages which can't be
> > rebuilt to stay in the distribution as long as they actually work and
> > aren't causing maintenance burden elsewhere
>
> On the other hand, unbuildable packages could be viewed as a security
> risk.
>
> If you can't just fix the security issue and rebuild, but instead have
> to also fix the issue(s) that prevent the package from rebuilding this
> could cause delays in getting a security update out.
Not to mention packages with compiled code not picking up all the hardening
flags introduced since they have last been build - that could be a security
issue by itself.
> _______________________________________________
> devel mailing list -- devel@lists.fedoraproject.org
> To unsubscribe send an email to devel-le...@lists.fedoraproject.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
