Hi David, (mostly using darkstar as an example. I don't event know that package - but I noticed that I decided not to care much about my squeeze-backports anymore (eg not to backport piuparts) while realizing I'd still do security fixes.) On Mittwoch, 3. Juni 2015, David Bremner wrote: > Sven Eckelmann <sven@narfation.org> writes: > > [...] dcraw, darktable, > > freeimage, rawstudio and xbmc most likely still need a patch. > Darktable is not in squeeze. There is a version in squeeze backports, > but I don't plan any further support for that. Of course, someone else > is welcome to... I'm not sure this is what the backports project is expecting, cc:ing them to get their input. A possible solution would be to remove the backport if it's not supported security wise anymore, or, express this via the debian-security-support package (which doesn't support backports yet) or to cease oldoldstable- backports alltogether, which I think would be unfortunate. And finally, if the issue is not worth fixing, this can also be documented in the security tracker... cheers, Holger
Attachment:
signature.asc
Description: This is a digitally signed message part.