
ppp bug and maintainer's negative attitude



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello.


Recently I stumbled upon a bug in ppp whereby the daemon would start
forking like hell if the line was forcibly disconnected. This is due to
a race condition and has already been fixed in unstable, according to
the changelogs.

Acting on advice from a couple of DD friends, I reported it to
security@debian.org, asking whether it could be considered a d-o-s (a
few disconnections at most and the bug is triggered, bringing the
system down), with the current maintainer (Marco d'Itri) in CC, and providing reference to two other bug reports detailing the same issue. He has to be praised for not wasting bandwidth, since his reply was a simple "no", without any further explanation or comment.

Even though I did not want to clutter the BTS with duplicate reports, I
was again advised to file a new report (238840) restating the facts and
asking for a backport to be made. This time the answer was slightly more
verbose and I quote it here (without permission, but the BTS is public):

- -cut-
This happened to only one user. I consider this problem minor and have
no plan to backport ppp.
- -cut-


I _do_ consider this head-in-the-sand attitude to be extremely negative in a maintainer because:

1) the bug is real and quite disruptive

2) it is an outright _lie_ that I am the only one who suffered from this
problem, as can plainly be seen from reading the two bugs (172317 and 175480) that I referenced both in the message to security and in the bug
report. Further analysis of ppp archived bugs shows others have had
similar problems, I simply chose the two most relevant ones as proofs.

3) the bug report has been closed with no action as if nothing had happened and with the declared intention of not fixing it ever. It would have been much better to acknowledge it as being worked on and then leaving it open pending the backport of the patch.


Again acting on advice from my DD friends, I am posting here asking for
help: what else can be done to solve this issue? Rebuilding the ppp
package from unstable on stable isn't feasible because of complex
dependencies and, again, the whole point of using stable is not having to
care about such things (to a certain extent, granted).


Best regards and thanks in advance,
Andrea.


- -- Homepage: http://andrea.borgia.bo.it / Amateur radio: IZ4FHT
Key fingerprint: 4037 9711 85C6 F9F9 A505  FA0A BB62 3A3C F7BA 9B13

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD4DBQFAWwmMu2I6PPe6mxMRAlG2AJ9OzWsJ9i5DBOP+mCN/kfwQ7qNlogCYre6Q
t4No4P22+XDHUi6a8o3kyQ==
=lhhN
-----END PGP SIGNATURE-----


