andreasstieger
commented
2 years ago closing: 15.2 is EOL, and we need to discuss the reasons for #36 in #31
Closed andreasstieger closed 2 years ago
andreasstieger
commented
2 years ago closing: 15.2 is EOL, and we need to discuss the reasons for #36 in #31
nilxam
commented
2 years ago I couldn't remember do I have seen https connection problem when I create #36 , maybe I just make it being aligned everywhere this url to be used, like for old version https://github.com/openSUSE/download.o.o/blob/master/YaST/Repos/_openSUSE_Leap_15.2_Default.xml or in the https://github.com/yast/skelcd-control-openSUSE/blob/master/control/control.openSUSE.xml
Prevent install-time manipulation of the default distribution repository list by a MITM, who may at a later time present outdated copies with valid signatures to withhold security updates for known vulnerabilities without needing to be MITM at that time.
Change for Leap 15.2 and Tumbleweed only, as these are in active use.