Bug#660849: RFA or removal: tremulous

To: debian-devel-games@lists.debian.org
Cc: 660849@bugs.debian.org
Subject: Bug#660849: RFA or removal: tremulous
From: Simon McVittie <smcv@debian.org>
Date: Wed, 11 Apr 2012 10:45:54 +0100
Message-id: <[🔎] 4F8552D2.7010801@debian.org>
Reply-to: Simon McVittie <smcv@debian.org>, 660849@bugs.debian.org
In-reply-to: <20120222104440.GA5989@reptile.pseudorandom.co.uk>
References: <20120222104440.GA5989@reptile.pseudorandom.co.uk>

On 22/02/12 10:44, Simon McVittie wrote:
> I request an adopter for the tremulous package.
...
> there may be more undiscovered vulnerabilities, since it's basically a very
> old fork of ioquake3.

(There was indeed a reflected DoS.)

> Note that Tremulous has not had an official upstream release since 2006.
> The upstream website publicizes both 1.1.0 (the 2006 version we have)
> and "GPP1" (Gameplay Preview 1), essentially a beta version of Tremulous 1.2,
> which might in fact be more popular than 1.1.0 by this point, and is what
> is shipped in Fedora.

Also note that GPP1 was in 2009 and there has been no "official" release
since then. (Perhaps a sufficiently dedicated maintainer would find
something resembling a release by trawling through the forums, but I'm
not going to do that.)

Given Tremulous' history of security vulnerabilities and apparent lack
of upstream interest in point releases, I don't think Tremulous should
be in wheezy without an active maintainer. If nobody has adopted it
within a month I will ask for it to be removed.

    S

Reply to:

Prev by Date: Bug#646377: RFP: xonotic -- a fast-paced first-person shooter
Next by Date: Bug#553080: marked as done (O: tictactoe -- tic-tac-toe game written in Ruby)
Previous by thread: Bug#646377: RFP: xonotic -- a fast-paced first-person shooter
Next by thread: Bug#553080: marked as done (O: tictactoe -- tic-tac-toe game written in Ruby)
Index(es):
- Date
- Thread