El 2016-10-04 22:34, fauno escribió:
maybe you can device a shell script that informs when a package hasn't
been updated for some time? it would be a matter of parsing pacman -Si
output (or the database directly)
Alejandro Hernández <[email protected]> writes:
Hi,
I was using 'Icecat' during 4 months. I wrote an email to the
developer
and I was answered that icecat is not maintained nowadays and it has
multiple vulnerabilities. But 'icecat' is available for users into
'libre repo'.
Is there a way to put into quarentena non secure or not maintained
packages?
Not maintained package, with security problems could be into another
"(quarentena) repo". Or whatever, but not be (temporarily) available
by
default for users.
🤔
Thanks,
_______________________________________________
Dev mailing list
[email protected]
https://lists.parabola.nu/mailman/listinfo/dev
'pacman -Si' informs about the compilation date by Parabola team. Maybe
with an external script...
But I'm talking about what to do with detected unsecured (long time)
unmaintained packages. I mean packages without updates with security
vulnerabilities known. (Like nowadays 'icecat')
_______________________________________________
Dev mailing list
[email protected]
https://lists.parabola.nu/mailman/listinfo/dev
