Re: Security headache?

Posted by: Anonymous [ip:] on December 23, 2008 10:45 AM
and how it is not now .. when Debian or enterprise distros will have two-year-old versions of libs which need to be packaged. It may happen now that a distro or package dev may update the dependency to reflect the new updated (patched) lib and you can safely install it, getting the fix, whereas right now you may not be able to, because that update breaks something in your distro and it will take them a long time to fix the issue .. or backport the patch.

If you talk about the developer of the package who is fixing the bug .. and needing to apply it in every version of the package .. that can happen now all the same, because distros are using different versions (mostly not the latest), but that's mostly taken care of by distro maintainers.

Yes, there are troubles on how exactly you manage the whole dependency, since you can now have so many different combinations .. version, patched .. but that's something every distro, maintainer already manages in their head .. I guess this would force everyone to be a bit formal, or at least that's what my understanding is.


