Hello Helmut, First of all, thanks for pointing out this issue.
> * Investigate whether you can replace the embedded copy with a > dependency on openacs. I.e. remove the embedded copy. This may be a > fair amount of work, if possible at all. This was my first thought when i first packaged dotlrn and openacs, but upstream authors highly discouraged me about doing it. AFAIK, dotlrn uses a heavily modified version of the openacs core, being stuck with an old version (5.5.1, while openacs 5.7.0 is in wheezy), so i guess at this point it is not reasonable at all. However, i have heard they are trying to solve it in future versions of dotlrn, so chances are that it could be done then. > * Ask the security team to add dotlrn -> openacs as an embedded copy in > the security tracker. I can do that. I'm afraid that could be the best option for now, i would be grateful if you could do that, thanks! Héctor -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org