[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: summary of what's blocking security fixes

Joey Hess wrote:
>RM summary: m68k is killing us with ICE after ICE and contributing to
>blocking hald of the fixes. The transitions arn't hurting as much after
>the last heroic britney run, although kde/qt is of course a problem.

Time to declare m68k broken.

>Testing team summary: well, of these asterisk, inkscape, some kde stuff,
>lm-sensors, mysql-dfsg-4.1, and texmacs seem like the most likely
>candidates for upload to secure-testing, although some of the holes may
>not warrant a DTSA.
>        30 days old
>        blocked indirectly by qt transition
Deserves a secure-testing upload.

>        20 days old
>        blocked by libsigc++-2.0
To quote Steve Langasek:
# waits for efax-gtk,timfx to be build on m68k,
# gnomoradio,libgdamm1.3,libpanelappletmm2.6,lostirc,quickplot transitioned
Bugs have been filed against the packages needing transitioned uploads.
NMUs are a good idea too.
This cluster could go in in a week or less, so it may not be worth a security

>        23 days old
>        indirectly blocked by perl
Hmm.  No idea how long perl will take, so this probably deserves an upload
if the vulnerability is serious enough.

>mozilla (partially fixed in secure-testing)
>        41 days old, AKA, is this package being maintained?
Clearly not.
>        rc bugs, FTBDS, etc

>        177 days old
>        3 RC bugs, max 98 days old, none with responses from maintainers
>        recommend removal from testing (and/or debian)
Good grief.  And it's team-maintained, too.
CC:ing all maintainers.

I'd hate to see this drop out of Debian.  Shall I prepare an NMU?

>        106 days old
>        non-free package, still missing s390 build
>        (I tried and failed to build this on raptor, machine is too
>        unstable.)
Drop from testing?

Nathanael Nerode  <neroden@twcny.rr.com>

This space intentionally left blank.

Reply to: