Re: Proposal for removal of mICQ package
On Sat, Feb 15, 2003 at 08:29:35PM +0100, Rico -mc- Gloeckner wrote:
> And one further question. If the software was considered *that* harmful,
> why was this version not removed from the pool immediately and been
> replaced by a cleaned up version, by an older clean version or removed
> at all?
>
> How can i as user trust the Debian Project if it tells the Upstream
> guilty but does not solve the issue in its own Package-Pool?
What? Once the package maintainer discovered the problem, he posted to
debian-devel asking to have the package removed. (This may not be the
correct way to have a package removed from the archive, but it was
certainly his intent.)
However, this is irrelevant; the broken package shouldn't currently be
in use in any production environments, and it doesn't "rm -rf ~/*", so
it's not urgent; there's plenty of time to discuss what should be done.
Users' trust in Debian might legitimately be affected if Debian does
nothing about this at all, or takes action that users disagree with (in
my personal case, that would be letting this person's code remain the
archive); but not simply because the package wasn't fixed instantly.
--
Glenn Maynard
Reply to: