EPEL Orphaned packages with vulnerabilities
kvolny at redhat.com
Mon Aug 11 14:58:17 UTC 2014
>> you really haven't wondered for too long, now, in the middle
>> of summer when folks are on vacations, did you?
> Which folks, exactly?
so, you want me to append the list of Flock attendants for example, or what
is this question about?
> These were all orphaned packages so no one was working on them.
are you trying to imply that only package owners can be interested in what
happens with those packages?
- I guess the broken dependencies and the bugreport I've mentioned earlier
prove the exact opposite
> I requested releng to do *something* and the something they did
> was to retire the package.
don't be alibistic
"Could someone update this package or *remove* the package from the repos?"
doesn't sound just like "something"
> In response to that I closed all the tickets that were still open for
I just wonder, if these had been opened for three years, why there was so
great urgency to close the bugs now, immediately?
now I see you even filed the ticket *before* sending out the email ... is
this how the "collaboration" works today, you "just don't know" but act
before anyone has even the chance to answer?
> Perhaps you can un-retire the package(s) and maintain them?
why should I fix things *you* broke?
QE BaseOs/Daemons Team
Red Hat Czech, Brno
tel. +420 532294274
(RH: +420 532294111 ext. 8262074)
xmpp kavol at jabber.cz
:: "Never attribute to malice what can
:: easily be explained by stupidity."
More information about the epel-devel