The technical committee was asked to provide advice regarding the
codecs in mumble, specifically celt, and their impact on the ability
of mumble to interact with other clients, coupled with the security
and maintenance implications of shipping a codec which has been
superseeded upstream.
===Resolution Text===
Context:
1. The questions surrounding the codecs in mumble, especially celt,
have been referred to the Technical Committee.
2. The mumble maintainers have stated their willingness to follow
our advice (Constitution 6.1(5)). This may or may not amount to
a delegation to us of the decision (6.1(3)) but in any case we
merely need to state our reasoning and conclusions and are not
being asked to overrule the maintainer.
Release Critical status of celt 0.7.1 in mumble:
3. mumble is a useful and fairly widely-used voice chat program.
4. Distributions of mumble (from other distros and upstream)
currently implement the celt 0.7.1 codec as a baseline. It does
not appear to the TC that (in wheezy) the provision of any other
codec obviates the need for mumble to support celt 0.7.1.
mumble with celt 0.7.1 has been tested and found to interoperate
properly with nearly all other mumble versions.
5. Consequently, we consider the lack of celt 0.7.1 support in
mumble a release-critical bug.
Security risks from celt 0.7.1:
6. While the upstream security support situation for celt 0.7.1 is
not ideal, the TC does not consider that the security risks
associated with celt 0.7.1 in mumble are intolerable.
7. The Debian Security Team have stated that they have no objection
to including celt 0.7.1 in mumble in wheezy.
8. Consequently, mumble should remain in wheezy with celt 0.7.1
(the alternative being to remove mumble as unfit for release).
Packaging approach:
9. There are no other packages intended for wheezy which ought to
want this codec.
10. Providing separate celt library in wheezy is undesirable because
it might promote the use of a codec which we are planning to
retire in the medium to long term.
11. While embedded code copies are in general to be avoided because
lead to proliferation of multiple versions, that therefore does
not apply in this case.
12. The upstream mumble source already contemplates building with
various embedded versions of celt.
13. There is no reason to support any other version of celt in
mumble.
14. Consequently, the mumble source package should be configured to
use an embedded copy of celt 0.7.1. (If necessary the embedded
copy of celt in the source package should be updated to the
actual 0.7.1.)
We therefore recommend that:
15. The mumble maintainers, with appropriate help from other
interested parties, should prepare an upload of mumble for wheezy
with
- embedded celt 0.7.1 enabled
- no other version of celt enabled
- whatever other release-critical bugfixes they consider
relevant (subject to any appropriate discussion with the
release team as necessary)
- closing #675971.
16. #675971 should remain at an RC severity, be untagged wontfix,
and maintained open until it is closed as discussed above.
17. If the release team are content with the other changes
in the new mumble package, the new version should be unblocked
to propagate into wheezy.
18. After that propagation, the separate celt packages should be
removed from wheezy. This should be requested by the celt
maintainer filing a removal bug in the normal way, after mumble
with embedded celt 0.7.1 has propagated to wheezy.
===End of Resolution Text===
Please see http://bugs.debian.org/682010 for background and discussion
of this bug.
Don Armstrong
--
Where am I? THE VILLAGE. What do you want? INFORMATION. Which side are
you on? THAT WOULD BE TELLING. WE WANT INFORMATION. INFORMATION.
INFORMATION. You won't get it! BY HOOK OR BY CROOK, WE WILL. Who are
you? THE NEW NUMBER 2. Who is Number 1? YOU ARE NUMBER 6. I am not a
number! I am a free man! HAHAHAHAHAHA.
-- Patrick McGoohan as Number 6 with Number 2 in "The Prisoner"
http://www.donarmstrong.com http://rzlab.ucr.edu
Attachment:
signature.asc
Description: Digital signature