This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

unhappiness with zero package security


02 jul 2016

i tried to build and install gcc, and i ran into a problem.  your
docs suggest isl acts as an OPTIONAL package for optimizations.
however, i could not build gcc without it.

when i went to download it, i discovered the hosting website
(http://isl.gforge.inria.fr/) offered zero security.  no pgp
signatures.  no https.  no .md5/sha* sums.  nothing.  when i went
to their github, it offered only a self-signed certificate.

considering the fsf offers all of its packages via https and with
signatures, why would you mandate the use of any package with
zero security?  could you not teach the hosting website how to
offer a secure version of its package?

instead of upgrading to 6.1.0 or 5.x, i instead chose 4.9.3 which
appears to NOT require isl.

the disappointed
frank smith

-- 
http://www.fastmail.com - Does exactly what it says on the tin


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]