Extras Security Policy

Michael Schwendt bugs.michael at gmx.net
Thu Sep 8 09:39:50 UTC 2005

On Thu, 8 Sep 2005 00:15:49 -0500, Dennis Gilmore wrote:

> Once upon a time Thursday 08 September 2005 12:12 am, Hans de Goede wrote:
> > Hi,
> >
> > I've just read an article on how most distro's are doing when it comes
> > to (timely) releasing security updates on lwn.net (this weeks security
> > page subscribers only).
> >
> > One of the things discussed in this article is that add-on repositories
> > usually lack a clear security policy.
> >
> > One example given is that clamav, an open source virus scanner in extras
> > has a real exploitable security flaw, for which upstream has released a
> > fix I assume, but which is still exploitable in the Extra's version.
> >
> > It is in no way my attention to single out clamav, this is just an example.
> the clamav package maintainer  has been very quick  with updated packages 
> which fix security issues in the past  the current release in extras  is 
> 0.86.2  which according to clamav.net  is the latest stable release. 

Even for FC2/FC1/RHL9 at fedora.us, the 0.86.2 packages are available.

More information about the fedora-extras-list mailing list