Hi Sebastian, Am Wed, Dec 10, 2025 at 12:11:49PM +0100 schrieb Sebastian Ramacher: > > So I guess your advise changed from "orphan" to "remove" in this > > specific case of mp3splt, right? > > Sounds like the best option currently.
This bug was turned into a pre-removal. In parallel I was seeking help for the CVEs. > > BTW, finally I consider the ITS process a good thing to uncover such > > issues. Just assume nobody had raised awareness about this problem > > your valuable information might remain hidden. > > Is it, though? With the ITS process I would expect that the person > starting the process is willing to take care of the package and is aware > of the state of the package. The analysis of whether the package is > still usable or suitable for Debian should be done before that. I agree that, ideally, one would have as complete a picture of the package's state as possible before starting an ITS. In practice, however, this is not always realistic. Without me taking any action, the security-relevant issues would likely have remained unnoticed, and the package would simply have continued to bit-rot quietly. My goal was to take over the package because I found it useful myself. I do not see any problem when team members point out issues during the discussion; on the contrary, I see this as part of a functioning process. It helps to determine whether continuing maintenance is sensible - or not. >From my point of view, the exchange has therefore served its purpose, regardless of the concrete outcome. > > Today I injected > > https://salsa.debian.org/multimedia-team/audiotools > > into Debian Multimedia team with 3 bugs fixed (two of these RC). > > Do you think this is a valid candidate for Multimedia team > > adoption? IMHO repositories of those package should be stored > > on Salsa where Multimedia experts are typically around. > > No, I don't. The package has other unfiled RC bugs (broken with our > version of urwid at least). If you already know of RC issues that have not yet been reported, it would be very helpful if you could file them. Having these issues recorded makes it much easier to evaluate the package's state and to decide on the next steps. Kind regards Andreas. -- https://fam-tille.de
