[Dev] [consensus][due: 2016-10-20] Quarentena for unsecured unmaintained packages
fauno at endefensadelsl.org
Tue Oct 4 20:34:23 GMT 2016
maybe you can device a shell script that informs when a package hasn't
been updated for some time? it would be a matter of parsing pacman -Si
output (or the database directly)
Alejandro Hernández <alejandrohp at openmailbox.org> writes:
> I was using 'Icecat' during 4 months. I wrote an email to the developer
> and I was answered that icecat is not maintained nowadays and it has
> multiple vulnerabilities. But 'icecat' is available for users into
> 'libre repo'.
> Is there a way to put into quarentena non secure or not maintained
> Not maintained package, with security problems could be into another
> "(quarentena) repo". Or whatever, but not be (temporarily) available by
> default for users.
> Dev mailing list
> Dev at lists.parabola.nu
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 584 bytes
Desc: not available
More information about the Dev