[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#876905: qtwebkit should not be release with buster

El martes, 2 de abril de 2019 17:48:26 -03 Moritz Mühlenhoff escribió:
> > Truth is we can't even agree inside the team. Some of us think we should
> > just remove it alongside whatever hasn't been ported, some think we should
> > not.
> > 
> > Now in my *very personal* opinion: even if it's not supported by the
> > security team I think it should keep the RC status if released with
> > buster.
> > It's a pile of security bugs in one single package.
> qtwebkit hasn't been security-supported in any Debian release it was ever
> present in. Does it really make sense to remove it now so close to the
> buster release (with all kinds of unpreditable fallout on kde4libs).
> Wouldn't it be better to wait after the buster release and then agressively
> bump all the remaining QT4/KDE4 to RC-severity the day after the buster
> release so that automated testing removals can do their magic (and filin
> g RM bugs a few months later).

That's exactly what I wrote above, but keeping the RC bug. Even if it's not 
supported we should warn our users of the big security pile of bugs it is.

Cuando tenga duda, utilice la solución mas simple.
  Principio de William Occam, también llamado
  "la navaja de Occam"

Lisandro Damián Nicanor Pérez Meyer

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: