On Tue 11 Jan 2022 at 08:07:35 +0800, Paul Wise wrote: > Control: reopen -1 > Control: found -1 3.21.8+dfsg0-2 > > On Mon, 2022-01-10 at 20:54 +0000, Brian Potkin wrote: > > > Use of our limited, volunteer supported resources is best served by not > > keeping open inactive bugs any longer than desirable, especially in > > cases where the package concerned is older than the current stable > > Debian version and upstream support has been limited. Consequently, the > > report is now being closed. > > This is not very respectful of our users and social contract. > > Users should be given the opportunity to reproduce old bugs before they > are summarily closed without any attempt at reproducing them. Old bugs > are extremely likely to still be present, them being open usually means > no-one bothered to look at and fix them, at least in my experience. > > The social contract states that we should not hide bugs. Closing old > bugs without attempting to verify if they are fixed or giving users the > opportunity to do so is definitely hiding bugs. > > https://www.debian.org/social_contract > > When the bug is trivial to verify if it is still present or not, > you should at very least run the two commands needed to do that: > > $ chronic apt source hplip > $ find -iwholename '*expect*' > ./hplip-3.21.8+dfsg0/base/pexpect > ./hplip-3.21.8+dfsg0/base/pexpect/__init__.py > > Please also notify the security team of the embedded copy: > > https://wiki.debian.org/EmbeddedCopies
Thank you for reopening the report. The security team appears to be aware of the embedded copy. https://salsa.debian.org/security-tracker-team/security-tracker/raw/master/data/embedded-code-copies Regards, Brian.
