Displaying 1 result from an estimated 1 matches for "packagemanagersecur".
2008 Jul 21
2
How to get additional packages? How secure is Yum?
...t of date*! So there should either be an update or the package maybe should be removed at all as it is a security hole! Is there a repository available which only has that much packages as the maintainer is able to keep secure?
- My second question is about:
http://www.cs.arizona.edu/people/justin/packagemanagersecurity/attacks-on-package-managers.html
Yum also seems to affected, so a malicious mirror would be able to downgrade a package on a server where it's suggested to be *upgraded* to a patched version.
When will Yum be fixed and what is the suggested way to get Yum more secure?
Thanks in advance fo...