László, I would be in strong support of your taking over icu. Feel free
to do it in conjunction with uploading security fixes that are pending.
Right now, last time I looked, there were not yet public patches for all
the issues, but I may be wrong. A general tip for ICU security patches:
Red Hat has to do them too. I have generally tried to make sure that the
version of ICU in a debian release corresponds with a version present in
at least one Red Hat release, but I hadn't planned for the 52 to be in
jessie; I just didn't have a way to get it updated. But you can often
grab security patches from other distributions. Also, upstream has
generally been pretty helpful with backporting patches when necessary.
Mostly I have found the patches backport pretty easily. Regardless, we
will also get stuck in a situation where upstream doesn't support some
version we have in a security supported version, which is one of the
main challenges of maintaining icu.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/20150212163623.3019352265.qww314...@jberkenbilt-linux.appiancorp.com
