On 2020-04-07 10:48, Ulrich Mueller wrote: > We could add a README.gentoo file with our caveats. It won't be perfect, > but maybe better than nothing. (And certainly better than displaying a > warning on every upgrade, which will eventually annoy people [1].)
I am strictly against something like this. We have a lot of packages with *confirmed* *serious* problems. Zoom is not special to warrant a special treatment in any way. More important: Until today, not one single vulnerability discussed in public recently got confirmed for the Linux version. Sure, that could have banal reasons like "No one audited the Linux version yet". But in security you don't issue warnings if you aren't sure. Because if you make false statements people will no longer trust you. But trust is everything. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5
signature.asc
Description: OpenPGP digital signature