Re: Proposal for removal of mICQ package
On Thu, Feb 13, 2003 at 09:24:05PM +0100, Tore Anderson wrote:
> * Rüdiger Kuhlmann
>
> > Nice for you. I'll tell my users to only use the Official version from
> > micq.org until you stop garbling the package and start cooperating.
>
> * Martin Loschwitz
>
> > Do whatever you want.
>
> ..and if you take into account the mood of the discussion, I read
> your comment as more of an encouragement. He did exactly what he
> said he'd do, and by doing so demonstrated that you're not doing
> proper QA on your packages. IMO, you've got a well-deserved slap,
> and have no reason to sulk over it. Upstream didn't introduce any
> security holes, nor do I get the impression that he intends to.
He didn't say he'd do so in the program, and the fact that he obfuscated
it indicates that he didn't want it to be found, so it's clear that the
text you quoted was *not* an indication that he was going to do what he
did.
I can't believe people are defending the act of slipping obfuscated code
into a program designed to not be seen by the maintainer and to make
Debian look stupid. Whether or not this is seen as a serious offense
(which I believe it is; it's a breach of trust), it's certainly
unacceptable.
--
Glenn Maynard
Reply to: