On Mon, Mar 11, 2019 at 12:29:10PM +0100, Jonas Smedegaard wrote: > control: reopen -1 > > Quoting Jonas Smedegaard (2019-03-11 12:22:03) > > Quoting Moritz Muehlenhoff (2019-02-10 14:47:49) > > > Source: libsass > > > Severity: serious > > > > > > None of the security bugs filed in the BTS has seen any maintainer > > > followup > > > (dating back to 2017 in some cases), and that's just the tip of the > > > iceberg, > > > the security tracker lists many more. > > > > > > Unless someone steps forward and commits to properly maintain it during > > > the > > > lifetime of a stable release, let's not include it in buster. > > > > I have now looked closer at this issue, and disagree that this package > > has a bug of general neglect. Closing this bugreport accordingly. > > Whoops - I have no idea how I could manage to "investigate" but miss the > amount of bugreports that I now see (and are not new). > > Reopening. Sorry for the noise.
In addition there's also a fair number of security issues which don't even have a bug filed, see https://security-tracker.debian.org/tracker/source-package/libsass Cheers, Moritz
