[Secure-testing-team] Re: summary of what's blocking security fixes from testing

Wed Sep 14 14:00:05 UTC 2005

Steve Langasek wrote:
> > bzip
> > 	8/10 days old
> > chmlib
> > 	3/10 days old
> > courier
> > 	too young
> > gxine
> > 	too young
> > squid
> > 	too young
> > sqwebmail
> > 	too young
> 
> Feel free to add urgent hints for any of these.

None of them are that serious holes, IRC.

> > ntp
> > 	177 days old
> > 	3 RC bugs, max 98 days old, none with responses from maintainers
> > 	recommend removal from testing (and/or debian)
> 
> Are these different security bugs than the ones already fixed via
> proposed-updates?

Thanks, you're right it's not vulnerable.

> > openmotif
> > 	106 days old
> > 	non-free package, still missing s390 build
> > 	(I tried and failed to build this on raptor, machine is too
> > 	unstable.)
> 
> This package really doesn't appear to have the necessary baseline
> support from porters and/or the maintainer to let us keep it around.
> There's a total of one package in testing still depending on openmotif;
> I think we should give the arb maintainer a shot at fixing it, and then
> drop it from testing if he doesn't get anywhere.

Agreed, although I think you might as well let the maintainers of ida
and motv have a crack at it too.

> > python2.1
> > 	alpha build succeeded 2 weeks ago but gone missing
> > 	mips, mipsel, powerpc builds ditto
> > 	blocked by gmp
> > python2.2
> > 	FTBFS m68k (ICE)
> > 	FTBFS hppa
> > 	blocked by gmp
> 
> No hope that we can get rid of these yet...?

Very little depends on python2.1. python2.2 has a bit more stuff but
certianly not too much that filing some RC bugs and dropping it might
not be the easiest way to fix this issue.

-- 
see shy jo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20050914/43baeaf3/attachment.pgp