Making debootstrap fail by default on missing keyring is not going to
somehow make all the people who are using it insecurely learn about the
WoT and get a verified keyring.
The actual effect is it'll make a lot of documentation and probably
quite a lot of scripts obsolete/broken for a while, unt
Historically the KERNELMAJOR feature allows to build the same images for
two different kernels, for example 2.4 and 2.6 kernel. This is not used
anymore, but KERNELMAJOR still has to be defined, otherwise the
arguments to pkg-list are shift by one, causing the build to fail. Thus
depending on the a
On Thu, Dec 26, 2013 at 09:47:17PM +0200, Eduard - Gabriel Munteanu wrote:
> I don't want to bash people for this, but I feel security isn't being taken
> seriously; see bug #722906, look how the package manager gladly goes about
> building unverified packages and probably a bunch of other things I
Package: debootstrap
Version: 1.0.55
Tags: patch, security
The keyring might not be available on non-Debian distros, so that warning
should instead be a spectacular fail instead of risking running arbitrary
code. Might not be a very serious issue for Debian, but I tagged it as
'security' anyway. A
Linux kernel ABI bump in experimental: from (none) to 3.12-trunk
Full summary: http://d-i.debian.org/kernel-summary.html#experimental
--
To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://li
On Mon, Apr 01, 2013 at 10:14:16AM -0400, Phillip Susi wrote:
> On 3/31/2013 4:17 PM, Marc Haber wrote:
> > The following patch introduces an --include-early option which
> > allows to introduce eatmydata early enough:
>
> Is this intended to be applied instead of, or on top of my initial
> patch
6 matches
Mail list logo
