[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: bsdiff package vulnerable to CVE-2020-14315
From: |
Léo Le Bouter |
Subject: |
Re: bsdiff package vulnerable to CVE-2020-14315 |
Date: |
Wed, 10 Mar 2021 21:33:32 +0100 |
User-agent: |
Evolution 3.34.2 |
On Wed, 2021-03-10 at 12:32 -0500, Leo Famulari wrote:
> Well, we could also just remove this package. It sounds like it is
> not
> supported on Linux. Does it offer some unique functionality?
I would advocate for removal of the package, or at least warning about
absence of security patches for security issues at install/show time.
signature.asc
Description: This is a digitally signed message part