On 9/12/2022 12:14 PM, David Wright wrote: > On Mon 12 Sep 2022 at 11:13:52 (-0400), Chuck Zmudzinski wrote: > > On 9/12/2022 12:55 AM, David Wright wrote: > > > > > > I would imagine a fix could follow quite quickly as it only requires > > > rebuilding with a filename added to a list of files not to have > > > their symbols stripped (or reverting the compatibility level change). > > > > The patch to fix the bug with the dh_strip override was identified six days > > ago > > in the bug report by a user, yet AFAICT the grub maintainers have not even > > acknowledged the existence of this bug yet to those who have contributed > > to the bug report on BTS. So I do not expect a fix very soon. > > I don't see why: I see Steve's post from several hours ago.
Sorry, I missed that, Steve is a grub maintainer and now he is looking at the bug, and that is a good and encouraging fact. > > > The grub maintainers > > do not have the time or interest to fix it. Perhaps the Xen users could try > > to > > convince the Xen maintainers to do an nmu to fix it if the grub maintainers > > continue to ignore the bug, but I don't know if that breaks the etiquette > > that > > governs such things in the world of Debian developers - I am just a Debian > > user. > > There seems to be some attitude here. Well, I suppose so, but I am pleased that a grub maintainer is now on the case. Still, there is another Debian bug that affects me that continues to be ignored, so I admit I have an attitude about that. I accept that what is of grave or important severity to me is not necessarily of grave or critical severity to the official Debian maintainers and developers. I wish to merely point out that what is often said about the advantages and disadvantages of free, open-source software that is maintained by volunteers is true: An advantage is that the user has full access to the source code and is free to fix problems if the official releases have unpatched bugs but this of course costs time and resources devoted to solving problems that are not fixed promptly in the official release. A disadvantage is that often the priorities of the developers who release free, open source software are not always the same as the priorities of any particular user, so there is no guarantee that the developers of free, open source software will ever get around to fixing a problem that might be causing trouble for some subset of users of the software who very often just stop using the free, open source software and return to proprietary software that just works for them without a big hassle or effort to keep it working well and securely. Megha Verma of medium.com goes so far to say a disadvantage of OSS is that free open source software can be misused for malicious purposes, but it would be hard to prove what she says is true, but her point is that the way open source projects are governed lends itself to possible abuse. This is how she explains it: "Open Source Software is accessible to all means it can be used and misused. And, that’s where it turns unconstructive for us. With OSS, we can expect harm, virus transfer, identity burglary, and many other malicious practices to hurt the process." [1] I would not go so far to say that is happening in Debian, but I have experienced the fact that not every bug that is important to my use case will be fixed quickly in Debian, even if I or other users takes the time to find the fix and share it with the Debian developers. This experience of mine with Debian as a long-time user of Debian *does* raise suspicion in my mind, and I would not be suspicious of malicious intent by Debian developers and maintainers if they were more responsive to some bugs they just ignore for months and even years. I agree my suspicion does not prove malice, but my suspicion is reasonable when there are Debian "volunteers" who do work in corporate environments where the interests of their employer might conflict with the interests of the open source software projects such as Debian that they contribute to. This is simply a risk that users of Debian software, or of any open source software, should be aware of, and users should know how to mitigate this risk of malicious activity within open source software projects like Debian. So it as a fact that if a person is just a user of Debian and not an official developer of Debian, there is no guarantee that the use case of that particular user will receive prompt attention from the official Debian developers. That is true because Debian developers are just volunteers and not liable for any problems the software they release might cause to those who use Debian software. That is a *big disadvantage* of open source software. Best regards, Chuck [1] https://medium.com/quick-code/advantages-disadvantages-of-open-source-software-explained-2fd35acd413
