[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: debian-multimedia.org considered harmful, Was: Unofficial repositories on 'debian' domains

On 2012-03-05 16:42:50 +0100, Reinhard Tartler wrote:
> Friendly discussion with the maintainer of debian-multimedia.org to
> not replace libraries such as libavcodec and friends have failed
> ultimatively (BTW, that is part of the reason why we've ended up with
> an epoch of '4', dmo uses epoch '5');  he has repeatedly shown that is
> not interested in collaborating with pkg-multimedia at all. He also
> does not seem interested in installing libraries in a way that they do
> not interfere with 'official' Debian packages (e.g., by changing
> SONAMES, or installing in private directories, etc.).

It's worse than that. Security support is non-existent, and users
don't know that. An example:


where a user recommended flashplayer-mozilla from debian-multimedia
(debian-multimedia.org), saying that it was working very well. What
he didn't say (and there was no information on debian-multimedia.org
either), is that this was a version with critical vulnerabilities
known since June 2010:

Vincent Lefèvre <vincent@vinc17.net> - Web: <http://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Reply to: