control: severity -1 important On Thu, Oct 4, 2012 at 8:37 PM, Jens Stimpfle wrote: > To reiterate again, the current wheezy xpdf package is in a terribly > defunct state, possibly imposing severe security problems and should > under no circumstances be included into the stable release.
No it isn't. Bugs remain, but that is the case for every package in every release. > Here are other related bugs: > > #622877 > #640515 > #606885 Not major i.e. release-critiical issues. > #628591 That's been done for a long long time. It's an incompatibility with an old expat. > #662882 > https://bugs.launchpad.net/ubuntu/+source/xpdf/+bug/669211 (see comment 47) Those are this bug, and Ubuntu developers are responsible for their system preferring poppler's globalparams and pretty much breaking everything. They need to find their own solution, and they did for 12.10. Saying there are potential security issues without evidence is blowing the problem out of proportion. If there is real evidence that there is a problem, I will certainly look at it, but guesses are not sufficient. Also, the patch attached to this report is far too large. Any patch should address the known problems specifically, rather than just copying popper's globalparams. In the future, please do not override maintainer severities without a good reason. No one likes bts ping pong. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
