View Issue Details

IDProjectCategoryView StatusLast Update
0001046CentOS-4yumpublic2007-07-26 19:49
Status resolvedResolutionfixed 
Product Version 
Target VersionFixed in Version 
Summary0001046: false Require for centos-yumconf in yum-2.4.0-1.centos4.noarch
[herrold@centos-4 ~]$ sudo rpm -e centos-yumconf
error: Failed dependencies:
        yumconf is needed by (installed) yum-2.4.0-1.centos4.noarch
[herrold@centos-4 ~]$

This is clearly NOT Required -- it is perhaps a Suggests: in that it makes the package function, but it is no more required than 'm4' is Required for sendmail-cf

The proper approach is to add it (centos-yumconf) to the list of base packages, to permit it to be installed in a un-skilled user's base installation, avoiding the need for manual intervention configuring an archive. The mature user can then alter the installing ks.cfg to avoid inclusion of centos-yumconf trivially

The presence of the semi-automatic (and unthinking) importation of a non-cryptographically protected key, as that package is presently set up is too dangerous, and vulnerable to a MitM attack and compromise.



This scares me to death
TagsNo tags attached.




2007-07-26 19:49

administrator   ~0005705

I think this has been fixed in newer versions.

Issue History

Date Modified Username Field Change
2005-10-17 15:46 herrold New Issue
2005-10-17 15:46 herrold Status new => assigned
2007-07-26 19:49 range Status assigned => resolved
2007-07-26 19:49 range Resolution open => fixed
2007-07-26 19:49 range Note Added: 0005705