EPEL Orphaned packages with vulnerabilities
Till Maas
opensource at till.name
Mon Aug 11 17:46:23 UTC 2014
On Mon, Aug 11, 2014 at 04:58:17PM +0200, Karel Volný wrote:
> >In response to that I closed all the tickets that were still open for
> that
> >package.
>
> I just wonder, if these had been opened for three years, why there was so
> great urgency to close the bugs now, immediately?
There is now a security initiative to handle the outstanding security
bugs.
> >Perhaps you can un-retire the package(s) and maintain them?
>
> why should I fix things *you* broke?
Please calm down. If the package and its dependencies should stay in
EPEL, they need to be maintained. So if you would like to have the
package in EPEL, you need to find a maintainer or maintain it.
Regards
Till
More information about the epel-devel
mailing list