Thanks! Do you mind listing the exact binary package list which should then be promoted?
Agreed with you on the autopkgtests. This could have helped if vala were to regressed the lib build, but unsure this is really needed as a separate autopkgtests. So, +1 for me, the security team should feel free to have a look at this one as well. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gupnp in Ubuntu. https://bugs.launchpad.net/bugs/1799974 Title: [MIR] gupnp Status in gupnp package in Ubuntu: New Bug description: * Availability Builds on all supported architectures in Ubuntu and on sync from Debian, the package was in main in the past and needs to be re- promoted * Rationale We would like to enable dlna sharing of media files, which is a GNOME upstream feature and relying on rygel which depends on the gupnp libraries * Security There is an old CVE recorded/fixed https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2174 * Quality assurance - the desktop-packages team is subscribed to the package - the bug lists in upstream, the Debian PTS and launchpad are empty - upstream has a testsuit which is used during build * Dependendies The package uses standard desktop libraries that are already in main * Standards compliance the package is using standard packaging (dh10), the standards-version is 4.2, the package is in sync from Debian * Maintainance Upstream is active and the desktop team is going to look after the package in ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gupnp/+bug/1799974/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
