On Wed, Aug 07, 2013 at 02:38:15PM +0200, Hector Romojaro wrote: > This was my first thought when i first packaged dotlrn and openacs, but > upstream authors highly discouraged me about doing it. AFAIK, dotlrn > uses a heavily modified version of the openacs core, being stuck with an > old version (5.5.1, while openacs 5.7.0 is in wheezy), so i guess at > this point it is not reasonable at all.
Given the results of dedup.d.n expected something like this. :-( > However, i have heard they are trying to solve it in future versions of > dotlrn, so chances are that it could be done then. In this case I suggest to leave this bug open, because chances are that this can be solved. > > * Ask the security team to add dotlrn -> openacs as an embedded copy in > > the security tracker. I can do that. > > I'm afraid that could be the best option for now, i would be grateful if > you could do that, thanks! I added the following lines to data/embedded-code-copies in revision 23222: +openacs + - dotlrn <unfixed> (modified-embed; bug #718487) So the useful options for this bug appear to be: * downgrade to get it eventually solved * close, since we cannot do anything but document it Please decide and apply what fits best. Helmut -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
