[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Candidates for removal from testing (2013-01-24)

On Fri, Jan 25, 2013 at 07:15:43AM +0100, Christian PERRIER wrote:
> Quoting Niels Thykier (niels@thykier.net):
> > Pierre Chifflier <pollux@debian.org>
> >    glpi
> I looked briefly at the RC bug for glpi (#694642). It seems that an
> embedded Flash file provided with the package has a security issue.
> I have no clue at all if this .swf file is of critical use for GLPI
> (from the directory tree, it seems to be provided in a "resource"
> directory, so maybe not of big importance).....
> Still, it would be sad to have GLPI disappear from Debian for this, as
> this is one of the good free implementations of computer asset
> management systems and quite widely popular in France.
> Pierre, have you noticed that? I dont see any contribution of yours in
> #694642, so you may have missed this release critical bug....


Sadly, I just discovered this bug. I have checked my mailbox, but have
found no trace of any received mail, maybe because it was reaffected to
glpi after another package ?
Anyway, I'm working on it to have glpi fixed today or in the next few
glpi embeds a copy of extjs, I think the best fix will be to
remove it and replace it by symlinks to the proper Debian package.

I would like to ask the release team not to remove glpi, for the reasons
Christian gave.


Attachment: signature.asc
Description: Digital signature

Reply to: