EPEL Orphaned packages with vulnerabilities
Till Maas
opensource at till.name
Mon Aug 11 20:33:23 UTC 2014
On Mon, Aug 11, 2014 at 04:52:11PM +0100, Pádraig Brady wrote:
> On 08/06/2014 07:32 PM, Eric H. Christensen wrote:
> > I just did a query of all the packages in EPEL that are currently orphaned and contain vulnerabilies. I'm wondering if any of them are still useful or if they can be removed from the repos. Here's the list:
> >
> > couchdb - epel-all
> mongodb wasn't listed above, but it was retired as part of:
> https://fedorahosted.org/rel-eng/ticket/5963
>
> Now RDO for example fails to install in its default setup.
>
> Was mongo retired in error?
Sorry, I confused it with couchdb. I undid my changes as far as I could
and strobert is now the point-of-contact for EPEL 6. Do you know whether
or not it was orphaned previously on EPEL 5 and 6? Nevertheless, it
needs to be adopted in EPEL 5 to not be retired again, but strobert
wrote it might not be worth maintaining it in EPEL 5 without bumping its
release.
Regards
Till
More information about the epel-devel
mailing list