... and another typo:
* Bruno Haible wrote on Sat, Dec 06, 2008 at 01:04:31PM CET:
> *** doc/gnulib-intro.texi.orig2008-12-06 12:56:52.0 +0100
> --- doc/gnulib-intro.texi 2008-12-06 12:56:07.0 +0100
> + Security: Gnulib provides functions that are immune against vulner
On Tue, Nov 18, 2008 at 11:30 AM, Colin Watson <[EMAIL PROTECTED]> wrote:
> "Convenience copies" of code have a bad reputation with distributions in
> general, particularly with distribution security teams. For example,
> zlib has had a couple of security flaws which we've had to fix in Debian
> s
Colin Watson wrote on 2008-11-18:
> I'd much rather live in a world where people use
> Gnulib and so are willing to use non-portable functions like
> asprintf, canonicalize_file_name, openat, and so on than our current
> world which is still full of stupid vulnerabilities due to peo
On Thu, Nov 06, 2008 at 09:46:45PM +0100, Sylvain Beucler wrote:
> On Thu, Nov 06, 2008 at 10:17:21AM +0100, Jim Meyering wrote:
> > [this thread started here:
> > http://thread.gmane.org/gmane.comp.lib.gnulib.bugs/15559 ]
> >
> > Sylvain Beucler <[EMAIL PROTECTED]> wrote:
> > > FYI, Debian appar
Hi,
On Thu, Nov 06, 2008 at 10:17:21AM +0100, Jim Meyering wrote:
> [this thread started here:
> http://thread.gmane.org/gmane.comp.lib.gnulib.bugs/15559 ]
>
> Sylvain Beucler <[EMAIL PROTECTED]> wrote:
> > FYI, Debian apparently does not accept new packages that bundle
> > gnulib, asking to reb
Hi Sylvain,
[this thread started here:
http://thread.gmane.org/gmane.comp.lib.gnulib.bugs/15559 ]
Sylvain Beucler <[EMAIL PROTECTED]> wrote:
> FYI, Debian apparently does not accept new packages that bundle
> gnulib, asking to rebootstrap with their packaged copy instead.
> http://packages.debia
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to Sylvain Beucler on 11/4/2008 12:29 PM:
> Just to know, what do you think about it?
A recipe for disaster.
> Afaics the Debian 'gnulib'
> package is refreshed monthly with a git checkout dated "this month's
> 1st day at 00:00".
Insuffici
Sylvain Beucler wrote:
> Afaics the Debian 'gnulib'
> package is refreshed monthly with a git checkout dated "this month's
> 1st day at 00:00". Since gnulib is a 'no release' project I'm not sure
> about it. Usually I perform some testing of my copy of gnulib and I
> refresh it only after a release
Having convinience copies of existing code
The phrase "convenience copies" [sic] indicates they do not have a
correct understanding of gnulib. A gnulib package updated monthly is
mostly useless, as far as I can see.
If they are going to start rejecting every package using gnulib, that
will b
Hi,
FYI, Debian apparently does not accept new packages that bundle
gnulib, asking to rebootstrap with their packaged copy instead.
http://packages.debian.org/search?keywords=gnulib
Just to know, what do you think about it? Afaics the Debian 'gnulib'
package is refreshed monthly with a git checko
10 matches
Mail list logo
