On 2/02/2013 00:36, Wulf C. Krueger wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01.02.2013 14:26, Rich Freeman wrote:
As long as it builds on 80%+ of systems and has no serious issues
(security in particular) there is no reason to remove a package.
And how will you get to know about current or future security issues if
nobody (in Gentoo) cares about the package?
The security team routinely monitors various information sources to
ensure that issues are tracked regardless of maintainer.
Remove things when they cause problems, not before.
You mean, not before your users' systems have been compromised and they
complain loudly about it?
Best regards, Wulf
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iEYEARECAAYFAlELxNgACgkQnuVXRcSi+5qP8wCghvWTuQvcFfJojX9HS8Jln6O/
144AnipUMY1NU8DbrtzesEbvpSHeYkPt
=awFq
-----END PGP SIGNATURE-----
