severity 160579 minor thanks On Mon, Aug 21, 2006 at 04:21:20PM +0200, Thijs Kinkhorst wrote:
> I'd like to request removal of knowledgetree for testing for these > reasons: > * Has two security issues; > * Has an open request for adoption since a couple of months but no takers; > * Has low popcon numbers; > * Is a couple of versions behind upstream. > (See bug #373137) This package had already been removed from testing. > Same goes for slash: > * Has two security issues with no real response for four and one years > respectively; > * Has 4 installs and 3 votes in popcon; > * Release is years old, upstream develops but is not releasing. > (See bug #160579) The maintainer seems to disagree that there's any reason to remove the package. The argument for removing it for security reasons isn't strong -- 160579 amounts to "a user can do stupid things that will expose his password, like typing them into the URL bar"; yes, this should be tagged 'security', but the presence of a bug tagged 'security' is not itself a reason to remove the package from a release when that security hole does not itself qualify as an RC bug. The other reasons seem more like a reason to remove the package from the archive than from the release specifically; please check with -qa if they would like to have this package removed from unstable over the maintainer's objections in that case. In the meantime, I'm downgrading 160579 because I don't see anything in that report that would justify claiming the package is unreleasable. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
