Re: Second list of suggestions for Debian 3.0r3

To: Adrian Bunk <bunk@fs.tum.de>, debian-devel@lists.debian.org, Branden Robinson <branden@debian.org>, ed@debian.org, Lionel Elie Mamane <lionel@mamane.lu>
Subject: Re: Second list of suggestions for Debian 3.0r3
From: Martin Schulze <joey@infodrom.org>
Date: Mon, 29 Mar 2004 18:10:14 +0200
Message-id: <[🔎] 20040329161014.GB1655@finlandia.infodrom.north.de>
In-reply-to: <[🔎] 20040329155101.GV22291@fs.tum.de>
References: <[🔎] 20040329155101.GV22291@fs.tum.de>

Adrian Bunk wrote:
> thanks for commenting on my first list of suggestions for Debian 3.0r3.
> 
> Below are some additional suggestions (this time only removal 
> suggestions):
> 
> 
> Must be removed
> ---------------
> 
> - freeamp #152857
>   trademark problems

We disagree.  A "discussion" has been started on debian-legal because
of this.

> - scsh #240162
>   licence is non-free

Should be moved to non-free, but requires help of developers who
support non-free to rebuild the new package on non-ia32 architectures.
I'm in touch with Lionel, but we need support from others.  The
good thing is that the new version will be free again.  So this
is not an evil non-free package, but a package which unintentionally
contained non-free parts, that were removed in a later release
after intervention of the Debian maintainer.  Hence, we should rather
move it to non-free for stable than remove it.  I'd argue differently
if this package would still be non-free in its most recent version.

Lionel sent a mail to debian-ports today.

> Completely useless since 3.0r0
> ------------------------------
> 
> - kernel-patch-2.4.0-reiserfs #159092
>   ReiserFS was included in 2.4.1

Oh, this I overlooked.  Ack.

> Other candidates for removal
> ----------------------------
> 
> - gkrellm-newsticker
>   was removed from unstable with the comment
>     RoQA; two unfixed security holes; orphaned
>   should be removed or the security team should check whether a DSA is
>   appropriate

The security team needs to decide.

> - xfree86v3
>   possibly unfixed security problems

The security team is fixing stuff with help of Branden.  Hence,
this should be discussed with the security team as well.

Also, removing security-buggy packages would not help our users.
It's even the contrary, since the users would still use the buggy
version, without an upgrade path unless they upgrade their distribution.
Hence, removing due to security problems is not a preferred method
to deal with security issues.

Regards,

	Joey

-- 
Never trust an operating system you don't have source for!

Please always Cc to me when replying to me on the lists.

Reply to:

Follow-Ups:
- Re: Second list of suggestions for Debian 3.0r3
  - From: Adrian Bunk <bunk@fs.tum.de>

References:
- Second list of suggestions for Debian 3.0r3
  - From: Adrian Bunk <bunk@fs.tum.de>

Prev by Date: Re: Bug#239952: kernel-source-2.6.4: qla2xxx contains non-free firmware
Next by Date: Re: Second list of suggestions for Debian 3.0r3
Previous by thread: Re: Second list of suggestions for Debian 3.0r3
Next by thread: Re: Second list of suggestions for Debian 3.0r3
Index(es):
- Date
- Thread