[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Packages still depending on GTK+ 1.2

Le Mon, Dec 08, 2008 at 04:25:56PM -0600, Gunnar Wolf a écrit :
> All sorts of programming practices
> that have become obsoleted (or outright shown to be dangerous) over
> the years. As an example - Around ten years ago few people would have
> thought about the security implications of an integer overflow or
> format string attacks.

Hi all,

seecurity is of course important, but as I was told during the last DPL debate,
it is possible to opt out support from the security team, which is only for
Stable anyway. 

Buffer overflows are not the same issues when viewing downloaded PDFs from
anywhere compared to viewing molecules which structure is downloaded from a
curated databank or from a local structural biology facility. Why not keeping
in Debian a package that helps people to compile software that is useful and is
not broken? It does not cost manpower to Debian: nobody in this thread has
asked for security support, and Morten has proposed to releive the GNOME team
from the burden.

As for scientific software, nobody will find the time or the money to upgrade
from GTK1.2 to GTK2 only for the beauty of it. People are rewarded on their new
developments, not on code maintainance.

Have a nice day,

Charles Plessy
Tsurumi, Kanagawa, Japan

Reply to: