https://bugzilla.novell.com/show_bug.cgi?id=637764
https://bugzilla.novell.com/show_bug.cgi?id=637764#c11
--- Comment #11 from Sven Burmeister 2011-01-06 19:55:00 UTC ---
I think both of you are right.
Showing only official updates by default does make sense but has a flaw because
most people do use 3rd party packages, i.e. at a minimum packman.
So if some package from that repo has a security issue its update is not shown
in the update applet. This is a security issue.
Thus IMHO one has to acknowledge that most users do use 3rd party repos and
hence need updates from those repos. As a result an update applet has to show
these updates.
If a user chooses to change vendor for a package, I think it is ok to assume
that he wants updates for that package from that repo as well.
So the update applet should be set by default to only show updates that do not
require a vendor change. The user might change that to show all updates.
An option to only show official patches does not make sense IMO since if a user
does not use 3rd party repos he will only get security updates anyway and if he
chooses to change vendor for a package he needs those updates because they
might be security fixes.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.