[Hackage] #239: security hole: anyone can replace a package
Hackage
trac at galois.com
Thu Feb 14 07:07:44 EST 2008
#239: security hole: anyone can replace a package
--------------------------------+-------------------------------------------
Reporter: guest | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: HackageDB website | Version:
Severity: normal | Resolution:
Keywords: | Difficulty: normal
Ghcversion: 6.8.2 | Platform:
--------------------------------+-------------------------------------------
Comment (by duncan):
Replying to [comment:1 ross at soi.city.ac.uk]:
> It used to reject repeat uploads, but people complained.
What were the complaints? People are not satisfied with just uploading a
new version? Is there something else that would satisfy them perhaps, like
allowing hiding old/obsolete/broken versions in the web UI.
--
Ticket URL: <http://hackage.haskell.org/trac/hackage/ticket/239#comment:2>
Hackage <http://haskell.org/cabal/>
Hackage: Cabal and related projects
More information about the cabal-devel
mailing list