Re: Second list of suggestions for Debian 3.0r3
On Mon, Mar 29, 2004 at 06:10:14PM +0200, Martin Schulze wrote:
> Adrian Bunk wrote:
> > thanks for commenting on my first list of suggestions for Debian 3.0r3.
> > Below are some additional suggestions (this time only removal
> > suggestions):
> > Must be removed
> > ---------------
> > - freeamp #152857
> > trademark problems
> We disagree. A "discussion" has been started on debian-legal because
> of this.
I've sent my opinion in the answer to tbm's mail.
But you are the SRM, it's your decision.
> > Other candidates for removal
> > ----------------------------
> > - gkrellm-newsticker
> > was removed from unstable with the comment
> > RoQA; two unfixed security holes; orphaned
> > should be removed or the security team should check whether a DSA is
> > appropriate
> The security team needs to decide.
> > - xfree86v3
> > possibly unfixed security problems
> The security team is fixing stuff with help of Branden. Hence,
> this should be discussed with the security team as well.
> Also, removing security-buggy packages would not help our users.
> It's even the contrary, since the users would still use the buggy
> version, without an upgrade path unless they upgrade their distribution.
> Hence, removing due to security problems is not a preferred method
> to deal with security issues.
But somthing similar might need to be implemented between stable
releases - the same problem you want to avoid will occur when upgrading
to Debian 3.1.
And in potato smail was the only important package with possible
security problems that was removed and it was explicitely described in
the release notes. Today with the removal of packages from testing every
few days I expect that there will be many security-buggy packages
present in Debian 3.0 that will not be in Debian 3.1.
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed