[Dev] [consensus][due: 2016-10-20] Quarentena for unsecured unmaintained packages

fauno fauno at endefensadelsl.org
Tue Oct 4 20:34:23 GMT 2016

maybe you can device a shell script that informs when a package hasn't
been updated for some time?  it would be a matter of parsing pacman -Si
output (or the database directly)

Alejandro Hernández <alejandrohp at openmailbox.org> writes:

> Hi,
> I was using 'Icecat' during 4 months. I wrote an email to the developer 
> and I was answered that icecat is not maintained nowadays and it has 
> multiple vulnerabilities. But 'icecat' is available for users into 
> 'libre repo'.
> Is there a way to put into quarentena non secure or not maintained 
> packages?
> Not maintained package, with security problems could be into another 
> "(quarentena) repo". Or whatever, but not be (temporarily) available by 
> default for users.
> 🤔
> Thanks,
> _______________________________________________
> Dev mailing list
> Dev at lists.parabola.nu
> https://lists.parabola.nu/mailman/listinfo/dev

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 584 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20161004/831e1d82/attachment.sig>

More information about the Dev mailing list