Hello Ola, On Fri, 12 Apr 2024, Ola Lundqvist wrote: > I see three: > 1) copy secteam decision and move on to the next package (I guess > remove from dla-needed) > 2) copy secteam decision for most of them, but fix the ones with fedora > patches > 3) dive in and start developing (that will take quite a lot of effort) > > I think we should do 1 or 2 as a start. Based on all other discussions > I'm not sure what a "consensus decision" would be.
Most of your reasoning was about "we can't fix everything as we don't have enough resources" so we must make judgment calls and decide based on priorities. But here the call is relatively easy to make if you take the time to include the data from ELTS on top of the data from LTS. * We have an ELTS customer with this package * There are plenty of work hours available in ELTS * The security team has suggested we open upstream bug reports and start to push fixes So please let's move on and get onto real security work. All LTS/ELTS contributors are expected to be skilled programmers to be able to develop fixes and submit them upstream. Thank you. -- ⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog <[email protected]> ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ The Debian Handbook: https://debian-handbook.info/get/ ⠈⠳⣄⠀⠀⠀⠀ Debian Long Term Support: https://deb.li/LTS
