Call for real-world scenarios prevented by RB practices

Hervé Boutemy hboutemy at
Sun Mar 27 06:02:38 UTC 2022

Le vendredi 25 mars 2022, 10:57:57 CEST Richard Purdie a écrit :
> Most of these aren't malicious but they are "bad" in the sense that we
> wanted to identify and fix them.

one such "bad but not malicious" case I found recently: the PGP private key 
passphrase of a release manager was dumped in a public binary release 
(unexpected consequence of the release build process...)



More information about the rb-general mailing list