Ask Your Question
0

How can I get RPM Fusion (rpmfusion.org) security package announcements?

asked 2018-09-12 04:45:10 -0500

Hi, I started to use RPM Fusion (rpmfusion.org) repository. I have announcements from Fedora here https://lists.fedoraproject.org/archi... with "[SECURITY]" in the title (as described here ) But where can I find RPM Fusion announcements?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-09-13 00:42:30 -0500

genodeftest gravatar image

The RPM Fusion project is completely separate, so you will not find any security announcements on lists.fedoraproject.org. From a look on rpmfusion.org, I cannot find any security announcements there either. I doubt they do have any process for tracking security bugs. RPM Fusion probably just ignores the security bugs and updates packages when a developer has time for that.

You may subscribe to the RSS feed of all builds, that will give you the update information. Or use dnf updateinfo.

PS: Yes, that website does not even have TLS even though it hosts important packaging infrastructure. As far as I have seen, the infrastructure of any non-official repo (except the coprs, maybe) is like this: horribly insecure. They have shipped unsigned builds for a long time and some repository descriptions still default to not checking repository signatures.

edit flag offensive delete link more

Comments

I have not seen any update information from rpmfusion when running dnf updateinfo.

villykruse gravatar imagevillykruse ( 2018-09-13 04:36:55 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-09-12 04:45:10 -0500

Seen: 44 times

Last updated: Sep 13