Hi, El 13/05/16 a las 09:51, Raphael Hertzog escribió: > Hello, > > On Thu, 12 May 2016, Markus Koschany wrote: > > I saw those commits too yesterday. I would suggest that we discuss EOLed > > packages on debian-lts before we mark CVEs as unsupported in Wheezy LTS. > > Definitely, we should not mark CVE as "end-of-life" before we agreed to > mark it as such in debian-security-support... > > That said for vlc I think no customers expressed any need for that > package. > > So I think we can stick to this decision and actually put it into > debian-security-support, even if we are going to support libav... > because vlc has many security issues of its own and contrary to libav > it's not a reverse dependency for many packages AFAIK. > > > findings. The same goes for vlc and Brian May's investigation into the > > maintainability of libav and related apps. In any case we should always > > update debian-security-support as well when we decide to end support for > > packages. > > And announce those changes at the same time ideally. Through DLAs maybe? I have a pending upload to close #824015, but now I'd prefer to wait until May 23, for giving time to decide on this, and to wait for more translations for the updated debconf template. Cheers, Santiago
Attachment:
signature.asc
Description: PGP signature