[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

security related bug report - no maintainer reaction for 1 year

I am working in the development projekt for the speak-freely package.

One Year and a day ago, i filed this bug report, saying that
o There are security related bugs in the very outdated debian package
o These bugs are fixed by new upstream sources
o I integrated the sources in the new package and added a link in the
  bug report
o Roman Hodek tried to upload the new package as a NMU which
  possibly got lost by the server problems or got cancelled 
  by the maintainer. 

I forgot to say that I sent mail to Martin Mitchell before 
with no reaction at all. It seems to be a case of undeclared
and de facto retiring of a maintainer. 

Needless to say, that i am quite frustrated, but I am still wanting to 
see our ACTUAL package inside debian.

Is it the policy of debian, that a non-active maintainer has the right
to block a package as long as he likes ? I think it can not. 

I think this should be reason enough to make a second try of a 
NMU possible and to orphan the package. 

Johannes Pöhlmann
Debian Bug report logs: package speak-freely

Maintainer for speak-freely is Martin Mitchell <martin@debian.org>.

    Important bugs - outstanding (1 bug)

        * #202244: speak-freely: New Version 7.6a fixes buffer overflows
	* and tmp races
	      Package: speak-freely; Severity: important; Reported by:
	      Johannes Poehlmann <johannes@lst.de>; Tags: patch,
	      security; 1 year and 1 day old. 

Reply to: