Re: State of ampache: we should declare it unsupported

To: debian-lts@lists.debian.org
Subject: Re: State of ampache: we should declare it unsupported
From: Roberto C. Sánchez <roberto@debian.org>
Date: Fri, 4 Oct 2019 11:53:14 -0400
Message-id: <[🔎] 20191004155314.GK5473@connexer.com>
Mail-followup-to: Roberto C. Sánchez <roberto@debian.org>, debian-lts@lists.debian.org
In-reply-to: <[🔎] 4e79987a-2fcf-a353-8931-5a4a7f342086@beuc.net>
References: <[🔎] 20191004125628.GJ5473@connexer.com> <[🔎] 4e79987a-2fcf-a353-8931-5a4a7f342086@beuc.net>

On Fri, Oct 04, 2019 at 04:45:16PM +0200, Sylvain Beucler wrote:
> Hi,
> 
> The vulnerabilities are important and upstream does not provide any
> fixed release.
> This means all ampache installations (Debian and non-Debian) are at risk.
> 
> It would be worth explaining the situation to upstream and requesting
> his explicit stance on the matter.
> 
> I believe this will make the decision easier, and contribute to raise
> awareness about good security practices.
> 
Someone already made such a request in the issue, to which the author
responded with the 39k line commit and the list of "specific changes"
buried therein.  However, I am not opposed to making a more detailed and
thorough request with rationale to see if that might yield some useful
information.

Regards,

-Roberto

-- 
Roberto C. Sánchez

Reply to:

Follow-Ups:
- Re: State of ampache: we should declare it unsupported
  - From: Roberto C. Sánchez <roberto@debian.org>

References:
- State of ampache: we should declare it unsupported
  - From: Roberto C. Sánchez <roberto@debian.org>
- Re: State of ampache: we should declare it unsupported
  - From: Sylvain Beucler <beuc@beuc.net>

Prev by Date: Re: State of ampache: we should declare it unsupported
Next by Date: Re: ClamAV update in jessie
Previous by thread: Re: State of ampache: we should declare it unsupported
Next by thread: Re: State of ampache: we should declare it unsupported
Index(es):
- Date
- Thread