On 11/29/2004 03:07:17 AM, Axel Thimm wrote:
Or let me rephrase the problem, why do some people insist that replacing packages is bad? The replacements are obviously done for some reason, and not for reducing stability and security.
It's bad for several reasons -
1) Bugzilla.
A user has a bug in a program, they report it to bugzilla, clueless to the fact that their Fedora binary was replaced by my package and that the bug may not be present in the Fedora binary.
2) Security
Fedora does sometimes patch packages for security.
Say Fedora puts a security patch in balsa-2.2.4 but the user is running my balsa-2.2.5 package - which also has the vulnerability, but I am not aware of it or the patch.
Fedora releases a new balsa 2.2.4 package fixing the security issue, but the user doesn't get the update because they have balsa 2.2.5
3) Newer isn't always better.
Maybe libfoobar.so.3.3 provides something that a fooripper needs that libfoobar.so.3.2 doesn't provide, but at the same breaks some things that I did not test for when packaging the newer libfoobar.
