On Sat, Mar 18, 2017 at 01:36:31PM -0400, John Darrington wrote: > [CC guix-devel@gnu.org] > > So we have to make a choice: > > 1. Package a released program with a known vulnerability; or
Although all non-trivial software contains bugs, many of which can be exploited, we should not add new packages with known exploitable vulnerabilities.
signature.asc
Description: PGP signature
