Re: bzip2 for source packages?
Avery> Could someone explain to me why it's so important to keep sources
Avery> "pristine" in this sense?
Security. Trojan horses. To be able to compare against digital footprints (eg
md5sums) from upstream.
Avery> I can understand not wanting to
Avery> untar-retar the archive, but recompressing it? Who does that hurt?
The md5sum changes.
--
mailto:edd@debian.org According to the latest official figures,
http://rosebud.ml.org/~edd 43% of all statistics are totally worthless.
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: