On 16.6.2020 20:22, Gerald Henriksen wrote:
Given the number of cases of evil people getting access to computer
systems, and the fallout of said attacks, any package left on a system
after it no longer is being maintained is not only broken but a
security risk.
Unless the process and the approach of "If it builds let's ship it" has
not been changed over the years then the end user might be getting a
package that is not actually being maintained in the distribution thus
already is a security risk ( without it being flagged retired ) to begin
with so arguably that problem needs to be solved first or at the same
time as this.
I think people first need to establish what perception and thus meaning
people put in the words retired,broken,maintained etc. before the proper
course of action can be taken.
JBG