Re: Should we just remove openwebmail?

To: Luk Claes <Luk.Claes@ugent.be>
Cc: debian-qa@lists.debian.org
Subject: Re: Should we just remove openwebmail?
From: Andrew Pollock <apollock@debian.org>
Date: Fri, 29 Apr 2005 00:29:03 +1000
Message-id: <[🔎] 20050428142903.GF22177@daedalus.andrew.net.au>
Mail-followup-to: Luk Claes <Luk.Claes@ugent.be>, debian-qa@lists.debian.org
In-reply-to: <[🔎] Pine.GSO.4.53.0504281524400.17393@eduserv.UGent.be>
References: <[🔎] 20050428132021.GA28482@daedalus.andrew.net.au> <[🔎] Pine.GSO.4.53.0504281524400.17393@eduserv.UGent.be>

On Thu, Apr 28, 2005 at 03:26:08PM +0200, Luk Claes wrote:
> On Thu, 28 Apr 2005, Andrew Pollock wrote:
> 
> > Hi,
> 
> Hi Andrew
> 
> > openwebmail is orphaned, but has only been so for 32 days.
> >
> > That said, it's got security issues, and hasn't been part of a stable
> > release.
> >
> > So I'm personally inclined not to let it linger for a while on the grounds
> > that it's got security issues, and just get it the hell out of the archive.
> > It's not like Debian's short of webmail packages.
> >
> > That said, a non-DD has prepared an updated package as of a week ago, but no
> > one has sponsored it yet.
> >
> > Just wondering what peoples' thoughts are?
> 
> Are there still security issues with the updated package? If not, I see no
> real reason why it should be removed.
> 

Well my point is the new package isn't in the archive until someone reviews
it and sponsors the upload. If that doesn't happen (or until that happens),
the package in unstable remains vulnerable.

regards

Andrew

Reply to:

References:
- Should we just remove openwebmail?
  - From: Andrew Pollock <apollock@debian.org>
- Re: Should we just remove openwebmail?
  - From: Luk Claes <Luk.Claes@UGent.be>

Prev by Date: Re: Bug#306739: jakarta-log4j: FTBFS: 'enum' is a keyword, and may not be used as an identifier
Next by Date: Your meds
Previous by thread: Re: Should we just remove openwebmail?
Next by thread: Re: Should we just remove openwebmail?
Index(es):
- Date
- Thread