[Dev] Compiling our own core packages
g4jc at openmailbox.org
Sun Jan 8 15:09:01 GMT 2017
Due to some serious disagreements with upstream Arch, we are going to
start compiling our own core packages.
This is involving upstream bug https://bugs.archlinux.org/task/49979
against binutils. It is currently built with HTTP, no GPG signature, and
no hash check. They are unwilling to fix the issue and have made several
Since the secured PKGBUILD is already made, upstream has little excuse
not to package it. We can roll out this important security fix in
[libre] after it has been tested.
All core packages should have HTTPS/GPG/SHA512 whenever possible, so we
will be updating a few other core PKGBUILDs as well and pushing these
updates to libre-testing.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the Dev