Re: Please ignore the tslib upload
On Thursday 20 November 2008 11:16:14 Olivier Berger wrote:
> Le mercredi 19 novembre 2008 à 21:51 +0000, Neil Williams a écrit :
> > I've no idea what is going on but a version of tslib has been uploaded
> > to mentors.debian.net.
> >
> > I'm the maintainer for tslib and I see no reason for any such upload to
> > Debian. Please do not sponsor this upload, do not hijack tslib.
> >
> > If there are good reasons for an upload, I will do it - but only to
> > experimental.
> >
> > I won't be sponsoring the upload from mentors.debian.net.
> >
> > Can the upload be removed from mentors.debian.net ?
>
> Uh... mentors.debian.net is not Debian... so what's wrong with an upload
> by someone else than the official maintainer to mentors.debian.net ?
>
> Of course this may be misleading people, but if it's not flagged as NMU
> or something, I can't see any real harm.
Well, people should not be mislead by flags or strings appied, but should
verify the source package signature instead. Even if you do not trust that
signature at all, you can still dissect and inspect the content of that
source package (for example: compare it to the version in sid which was
presumably signed by a trusted peer) and decide if it brings more good that
harm, which should be brought to the attention of the original package
maintainer(s).
--
pub 4096R/0E4BD0AB 2003-03-18 <people.fccf.net/danchev/key pgp.mit.edu>
Reply to: