[ wearing the hat of the debian-security-support maintainer ]
Raphael Hertzog wrote...
> Thus I believe that we should mark the package as <end-of-life> and
> recognize officially our inability to handle this package.
As I have no particular opinion about that package, some general
remarks: Ending support for a certain package always introduces a risk
other packages are affected, too. So part of such a removal request
should include an analyis about that.
Now a quick glance at the reverse dependencies on packages that are
build from src:glassfish reveals the following dependencies will
become unsatisfyable, read: They'll point to unsupported packages
([s]uggest, [r]ecommends, depends else).
libred5-java
libopenjpa-java
libjsf-api-java (s)
libspring-webflow-2.0-java
libspring-web-2.5-java (s)
libspring-tx-2.5-java (r)
libspring-jms-2.5-java
libspring-context-2.5-java (r)
libhibernate-validator-java
libcommons-dbcp-java (s)
liblogback-java (s)
libeclipselink-java
Question to those who are acquainted with these packages: Is this
acceptable? Is there a feasible solution for users who are affected by
this?
> If there are no objections, I'll file a bug against
> debian-security-support to request this.
That shouldn't be necessary, a word from the security team will be
sufficient. It wouldn't hurt, though.
Christoph
Attachment:
signature.asc
Description: Digital signature