OoO At the end of this sleepless night, Sunday 09 March 2008, around 05:49,
Florian Weimer <[EMAIL PROTECTED]> said:

>> I think that this "inferiority" should be changed to equality in terms
>> of security. I suppose that __cmp__() in Version class could return 0
>> when all the following conditions are met:
>> - upstream versions are equal
>> - debian versions of the package without r'~.*$' pattern are equal
>> Otherwise, we just return the VersionCompare() result.

> This doesn't work because "~" isn't really that special.  It's used by
> maintainers as well, not just backports and testing-security.

Do you have other examples? I did not find one. I emphasize the fact
that we only consider '~' in the debian version part, not in upstream
version.

> Sorry, but the fix is more complex, and I'm not 100% sure what it would
> look like.  It probably has to happen on the server side anyway.

Backports are not official and can come from various sources
(backports.org or backports made by hand). I don't see how you could
handle this on the server side.
-- 
#ifdef STUPIDLY_TRUST_BROKEN_PCMD_ENA_BIT
        2.4.0-test2 /usr/src/linux/drivers/ide/cmd640.c
