Hi, El 13/05/16 a las 09:51, Raphael Hertzog escribió: > Hello, > > On Thu, 12 May 2016, Markus Koschany wrote: > > I saw those commits too yesterday. I would suggest that we discuss EOLed > > packages on debian-lts before we mark CVEs as unsupported in Wheezy LTS. > > Definitely, we should not mark CVE as "end-of-life" before we agreed to > mark it as such in debian-security-support... > > That said for vlc I think no customers expressed any need for that > package. > > So I think we can stick to this decision and actually put it into > debian-security-support, even if we are going to support libav... > because vlc has many security issues of its own and contrary to libav > it's not a reverse dependency for many packages AFAIK. > > > findings. The same goes for vlc and Brian May's investigation into the > > maintainability of libav and related apps. In any case we should always > > update debian-security-support as well when we decide to end support for > > packages. > > And announce those changes at the same time ideally.
Through DLAs maybe? I have a pending upload to close #824015, but now I'd prefer to wait until May 23, for giving time to decide on this, and to wait for more translations for the updated debconf template. Cheers, Santiago
signature.asc
Description: PGP signature
