Re: What to do about t1lib / RC #637488

["Adam D. Barratt" <adam@adam-barratt.org.uk>]

user release.debian.org@packages.debian.org
usertag 637488 + wheezy-can-defer
tag 637488 + wheezy-ignore
thanks

On Sat, 2012-08-04 at 16:45 +0200, Moritz Mühlenhoff wrote:
> On Sat, Aug 04, 2012 at 12:37:23AM +0200, Tobias Hansen wrote:
> > t1lib has no upstream, but a number of security vulnerabilities and reverse dependencies.
> > 
> > We need to know if #637488 can be ignored for wheezy or if we should go for removal and file bugs against the reverse dependencies.

There already are bugs against (at least some of) the reverse
dependencies.  I see Pino just set those as blockers against the RM bug;
thanks!

> We fixed up the known security issues in DSAs and while the code base is
> admittedly old and crusty, I don't see this issue as pressing that the removal
> cannot wait until Jessie.

Looking at the tracker and the upload history - ack; thanks.

Regards,

Adam