Re: Packages not supportable in squeeze-lts
On Wed, May 21, 2014 at 12:22:07PM +0200, Moritz Muehlenhoff wrote:
> On Fri, May 16, 2014 at 07:12:10AM +0200, Moritz Muehlenhoff wrote:
> > Hi,
> > a range of packages will not be supportable in squeeze-lts. But since we
> > have now have the debian-security-support package we can transparently
> > flag these to the user (and let them either upgrade to wheezy or assess
> > whether that's acceptable).
>
> I've uploaded a first release of debian-security-support to squeeze-lts
> containing an EOL note for the packages where noone objected to ending
> squeeze support.
>
> Please integrate the squeeze-lts apt source, test and comment.
The package has now passed NEW processing for squeeze-lts and the
debian-lts-changes list also works fine:
https://lists.debian.org/debian-lts-changes/2014/05/msg00000.html
Please test.
> There's a few where the status still isn't clear, these can go in a followup
> upload once the discussion is finalised.
So from the initial list there's still open:
qemu-kvm / libvirt / xen
-> unless there's a dedicated volunteer, I'll mark it as unsupported soonm
icedove
-> Guido, what are the plans? Maybe reconsider for wheezy-lts?
Alternatively we could also limit the support to plain mail, all the security
issues are only an issue with Javascript-enabled/HTML mails.
drupal6
-> No clear comment, keep or end support?
asterisk / wordpress
-> These was discussed but no real final status yet? Anyone stepping forward?
ffmpeg
-> I think we need to end official support. Raphael's backport with limited
scope can be released as a best-effort package, but even for non-obscure codecs
like MPEG4 the 0.5-based version lacks far too many things to be secure. EOLing
it is IMO the only viable solution.
iceweasel:
-> keep
I'll draft a public announcement for debian-lts tomorrow.
Cheers,
Moritz
Reply to: