Re: glassfish-* packages no longer maintained

To: Sylvestre Ledru <sylvestre@debian.org>
Cc: debian-java@lists.debian.org
Subject: Re: glassfish-* packages no longer maintained
From: Benjamin Jaton <benjamin.jaton@gmail.com>
Date: Thu, 19 Jul 2012 08:38:51 -0700
Message-id: <[🔎] CAPSuxQiZByW46Y8h4S2ONKUy1o3hVa3MqQ_tzpYUWgVu7ZajgA@mail.gmail.com>
In-reply-to: <[🔎] 50073537.3090409@debian.org>
References: <[🔎] CAPSuxQi8Mw88j_aAtS_uawZ1v-SNc-PsyboqF+dLeyyaWtFThQ@mail.gmail.com> <[🔎] 50073537.3090409@debian.org>

>From there I don't know, I feel like it should be removed for safety but other packages rely on them.
Unfortunately I won't be a volunteer to package the v3.

Ben

On Wed, Jul 18, 2012 at 3:14 PM, Sylvestre Ledru <sylvestre@debian.org> wrote:

Le 18/07/2012 19:39, Benjamin Jaton a écrit :
Hello,

The packages glassfish-* shipped in all the version of Debian are version 2.1.1.
The glassfish v2 open souce code hasn't received any updates since 2010, not even critical security updates.
( https://svn.java.net/svn/glassfish~svn/trunk/v2/ )
Only the Oracle Enterprise version is still maintained.
Even if those are not the full server stack ( http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=653964 ), they may contains security flaws.
We just don't know, right?

The v3 version is very stable and actively maintained. I would consider shipping it instead of v2.

Thanks for the information.
Do you think we should ask for a removal in Wheezy ?
Are you volunteer to package the v3 ?

ThanksS

Reply to:

References:
- glassfish-* packages no longer maintained
  - From: Benjamin Jaton <benjamin.jaton@gmail.com>
- Re: glassfish-* packages no longer maintained
  - From: Sylvestre Ledru <sylvestre@debian.org>

Prev by Date: Re: glassfish-* packages no longer maintained
Next by Date: check your debian/watch file if it checks correct upstream version
Previous by thread: Re: glassfish-* packages no longer maintained
Next by thread: check your debian/watch file if it checks correct upstream version
Index(es):
- Date
- Thread