Mark Esler
Mark Esler
Thanks for reporting. Please refer to https://github.com/AsahiLinux/linux/issues/262 as this is also an upstream issue.
@Consistos are you using debs from the downstream "[Mozilla Team](https://wiki.ubuntu.com/MozillaTeam)" PPA? If you want debs from upstream Mozilla, there is official [Mozilla's packaging](https://support.mozilla.org/en-US/kb/install-firefox-linux).
Could this please be re-opened? I am working on a feature addition.
Agreed: https://github.com/lua/lua/commit/a2195644d89812e5b157ce7bac35543e06db05e3#commitcomment-150387752
In a conversation with MITRE and the upstream author, Roberto confirmed that the affected range of CVE-2020-15945 is since 5.4.0 and until 5.4.1 and referenced this bug/range as: https://www.lua.org/bugs.html#5.4.0-8 The...
An opt-in https mode would resolve this and not break environments which require insecure connections. A warn would encourage better practices.
I am for this, but it should be warned when not to use Advise. For instance, the current VINCE programs requires a minimum embargo period of 45 days once VINCE...
Thank you for explaining how that is set @zmanion. Can an operator shorten the policy during a coordination? I would be for a default maximum embargo of 90 days :)...
I vote to ACK this project.
I haven't reviewed, but note that *when building distro packages* Debian largely sets flags in `dpkg` and Ubuntu sets flags in both `dpkg` and `gcc`. Debian's GCC maintainers strongly prefer...