[Dev] Mirrors vulnerability issue, Many outdated installs in the wild

fauno fauno at endefensadelsl.org
Mon Feb 15 14:45:30 GMT 2016

Denis 'GNUtoo' Carikli <GNUtoo at no-log.org> writes:

> On Sun, 14 Feb 2016 20:42:02 +0000
> Josh Branning <lovell.joshyyy at gmail.com> wrote:
>> Thanks for telling about this. I commented out the line and it seems
>> to work ok for now.
> It does, after upgrading you can even put back the new default
> mirrorlist since it has been updated.
> My main concerns about that issue are:
> -> Many users don't know about it, they used the default configuration
>    and are trapped (forever?) into the past.
> -> Parabola is vulnerable to outdated mirror, and parabola developers
>    can't do nothing about it when it happens. Affected systems live in
>    the past.

please help me test redirector.parabola.nu so we can avoid having
mirrors in the first place :)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 584 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20160215/af7025e0/attachment.sig>

More information about the Dev mailing list