> Joshua Haase <[email protected]> writes: > >> André Silva <[email protected]> writes: >> >>> [ Unknown signature status ] >>> On 10/04/2016 07:31 PM, Alejandro Hernández wrote: >>>> But I'm talking about what to do with detected unsecured (long time) >>>> unmaintained packages. I mean packages without updates with security >>>> vulnerabilities known. (Like nowadays 'icecat') >>> We could move icecat to [libre-testing] until new version will be >>> released, what do you think guys? >> Agreed. > testing is for new, possible unstable packages, not for old and > unmaintained. > > i'd remove them or move them to [unmaintained]. there's lots of > unmaintained packages on [pcr] too... > > > > _______________________________________________ > Dev mailing list > [email protected] > https://lists.parabola.nu/mailman/listinfo/dev I agree that [libre-testing] isn't the place for old/unmaintained packages. If a package has been completely abandoned upstream and a security vulnerability has been found, it should probably just be removed.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
