Re: security related bug report - no maintainer reaction for 1 year
Hi Johannes,
* Johannes Poehlmann (johannes@lst.de) [040721 14:55]:
> I am working in the development projekt for the speak-freely package.
> (speak-freely.sourceforge.net)
>
> One Year and a day ago, i filed this bug report, saying that
> o There are security related bugs in the very outdated debian package
> o These bugs are fixed by new upstream sources
> o I integrated the sources in the new package and added a link in the
> bug report
> o Roman Hodek tried to upload the new package as a NMU which
> possibly got lost by the server problems or got cancelled
> by the maintainer.
the current status is: This package is only available in woody, the
current stable distribution. So, please feel free to upload it fresh
to unstable if you want (but you'll need a sponsor for this).
For woody (or any stable distribution), things are a bit outdated most
times. That is the reason why it is called stable. If you can provide
the security team with the necessary information about the nature of
the bug, they can do a security upload. Please see
http://www.debian.org/doc/developers-reference/ch-pkgs.en.html#s-bug-security
for details.
For the other issues how to deal with new packages, please see
http://www.debian.org/doc/debian-policy/ and
http://www.debian.org/doc/developers-reference/ .
Cheers,
Andi
--
http://home.arcor.de/andreas-barth/
PGP 1024/89FB5CE5 DC F1 85 6D A6 45 9C 0F 3B BE F1 D0 C5 D1 D9 0C
Reply to: