Re: Considerations for 'xmms' removal from Debian

[William Pitcock <nenolod@sacredspiral.co.uk>]

Jon Dowland <lists <at> alcopop.org> writes:

> Unless I've got my timeframes wrong, there were a few
> successful attempts too. What's objectionable about people
> trying to find security flaws in your software, apart from
> their motivation for doing so?
> 

There is nothing wrong with trying to find security flaws. However,
there have been no security flaws found in audacious itself, but instead
in the third party code we carry on. We have infact used these flaws to
motivate distributions to keep the latest audacious always available to their
userbase, e.g. "hey 1.2.2 has a ton of flaws, you might want to upgrade it
in your next release if you weren't doing so already."

My issue is that I find it patently offensive that people attack my work
simply because they wish to regain XMMS in their distribution. Maybe
I am wrong in thinking that way, but I'm pretty sure I'm not.

William