[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ieee-data: are you interested in fixing a non-security related issue?

Hello Utkarsh and Emilio,

> Is this package in a completely useless state w/o this?
> Alternatively, if this isn't fixed, will it have a high impact, et al?

I wasn't very clear in the pu request; the ieee-data package ships 2
things; the data from ieee and a script to update that data. This
issue fully breaks the script's functionality but the original data
shipped still "works" fine (though outdated and now without an easy
way to update it).

> > If you believe it makes sense to fix this for stretch (without a DLA),
> > can you give me instructions on how to proceed or take over?
> Each update to stretch goes through the -security pocket and needs a
> DLA, irrespective of whether it's a security bug or not. In the past,
> we've fixed some non-security bugs[1], but we only fix them if the
> severity is high & the package is in a broken state altogether.


> So let me know if what you think about the questions above & we can
> take it from there?

So I wouldn't say it's a critical issue, as the user can always
manually update the data, but it might be worth it considering the
cost/impact of fixing it (as the impact/blast radius is well
contained) and there were at least 3 people interested on it (who
interacted with the bug reports).


Samuel Henrique <samueloph>

Reply to: