At the beginning of this year we noticed that the Deepin Desktop as it is currently packaged in openSUSE relies on a packaging policy violation to bypass SUSE security team review restrictions. With a long history of code reviews for Deepin components dating back to 2017, this marks a turning point for us that leads to the removal of the Deepin Desktop from openSUSE for the time being.
  • nesc@lemmy.cafeEnglish
    16·
    10 months ago

    tldr: deepin continuously ignored and/or didn’t invest time into fixing numerous security issues, and created a shortcut that just asked users if they are ok with installing insecure dbus configuration files and polikit policies that weren’t whitelisted by suse.