On Monday, July 23, 2012 10:34:28, Ian Jackson wrote: > Philipp Kern writes ("Re: Bug#682010: [mumble] Communication failures due to CELT codec library removal"): > > On Sun, Jul 22, 2012 at 06:31:27PM -0400, Chris Knadle wrote: > > > 1) Fix up "348" from Wheezy so it compiles and uses the CELT > > > > > > codec library [very undesirable] > > > > > > 2) Same as 1) but with embedded CELT (would need testing) > > > 3) drop mumble from Wheezy > > Of these 2. would seem to be the best option. I agree. Pros: - Solution should work for both Wheezy and Sid (-2 in Sid currently has no celt support, and celt is the most widely used codec in mumble on the 'net) - Would use celt 0.7 as well as 0.11 - Celt library can be removed, which a lot of effort has gone into Cons: - Larger diff in mumble - Would greatly irritate mumble maintainer > Mumble is pretty widely used in some communities and I certainly think > we should try to have software in wheezy which can (i) provide a > server for mumble clients (ii) talk to mumble servers (iii) is > generally compatible with the existing deployed base (both inside and > outside Debian). > > Personally I don't think there is much to prefer between 1 and 2. Is > all that's stopping us from fixing this is overcoming our resistance > to an embedded library copy ? If so I think we should just go ahead. Pros: - Smaller diff in mumble Cons: - Only uses celt 0.7 - Proliferates library that upstream requested removal of - No DD found to maintain celt 0.7 library (yet) - Would somewhat irritate mumble maintainer > The difference in security supportability of a single embedded library > copy versus a separately library package with a rdep isn't very > great. The difference mostly consists of the discoverability of the > embedded copy - and after this conversation I think we can reasonably > hope that everyone will know that mumble needs attention for security > bugs in celt 0.7.1. Right. > We should confirm this with the security team but I don't imagine > they'll have an objection. -- Chris -- Chris Knadle Chris.Knadle@coredump.us GPG Key: 4096R/0x1E759A726A9FDD74
Description: This is a digitally signed message part.