Comment 9 for bug 1555258

Tyler Hicks (tyhicks) wrote :

I feel like this would be acceptable, from a security standpoint, to enable at build time. It would be disabled by default and upstream makes it clear that it should only be enabled if you know what you're doing:

  https://github.com/NagiosEnterprises/nrpe/blob/master/SECURITY.md#command-arguments

After reading bug reports and comments on social media, I have to assume that there are users out there that know what they're doing and depend on this feature.

If this feature is enabled in an SRU, the upload must include the fix for CVE-2013-1362:

  https://github.com/NagiosEnterprises/nrpe/commit/5bf9b2047f8e9a8609c3b95b2e655368765e4dd1

There's no need to take this change through the security pocket since the current package is not vulnerable to CVE-2013-1362. It can take the normal SRU route directly to the updates pocket.