On Sep 19, 2006, at 6:12 AM, Stephen R Marenka wrote:
I think we do need to have a discussion about ports that don't
build the
full archive, but otherwise can make a stable release and get security
support. Certainly m68k and likely arm users won't be running all the
latest bloatware and thus d
Hi Matthijs,
> Hi,
>
> What about #375494 and #377047, those are security bugs in the current
> stable distribution (Sarge) and according to the Security Team it
> didn't warrant an upload. Although it has a CVE so I think it's worth
> an upload to stable.
>
> What do you think ?
If you are the
Hi,
On Saturday 16 September 2006 19:39, Moritz Muehlenhoff wrote:
> > Please explain why you think that putting arbitrary long strings into
> > fixed= sized buffers is not a security problem, preferedly in the
> > bugreport.
> The buffer overflow can only be triggered through a file only root can
Wouter Verhelst wrote:
> I think the best way forward at this point in time is to create our own
> release, as you suggest, very much like what amd64 did for sarge. On the
> August 16 birthday party in Breda, I discussed this with Jeroen Van
> Wolffelaar who told me that in theory, it should not be
Hi Steve,
On Sun, Sep 17, 2006 at 11:55:02PM -0700, Steve Langasek wrote:
[...]
> So with three months remaining until the scheduled release of etch, the
> release team does not believe it's possible for m68k to close the gap on
> these issues.
>
> As a result, the bts is already ignoring m68k in
On Tue, Sep 19, 2006 at 09:43:54AM -0700, Thomas Bushnell BSG wrote:
> Stephen R Marenka <[EMAIL PROTECTED]> writes:
>
> > I'm not saying quantity isn't a problem or that politics isn't annoying,
> > but the m68k port's biggest problem since gcc-4.0 rolled out has been
> > the toolchain.
>
> I
i have not been using debian/linux for very long
(less than a year), however i was involved with
unix and with several kinds of 68k based machines
when they were new.
my impression of the current situation is that there
is some fairly heavy politicking goings on here. one
the action is not consis
I have uploaded ICU 3.6 to sid today and have had the libicu36-dev
package Provide libicu34-dev as previously discussed. Please schedule
binary NMUs for the packages that build depend upon libicu34-dev once
libicu36-dev appears on all the buildds. By my calculation, this
includes the following:
Stephen R Marenka <[EMAIL PROTECTED]> writes:
> I'm not saying quantity isn't a problem or that politics isn't annoying,
> but the m68k port's biggest problem since gcc-4.0 rolled out has been
> the toolchain.
I don't think this is the only thing, however.
Notice that guile-1.6 has not built
* Andreas Barth ([EMAIL PROTECTED]) [060919 15:23]:
> * Stephen R Marenka ([EMAIL PROTECTED]) [060919 15:20]:
> > I'd still like a stable, security-supported, m68k port. It doesn't need
> > all of kde or gnome or openoffice. I don't know that anyone will ever try
> > to run gnucash or gnuradio o
the mob appeared first time Spirit that kindly helped the them or his eyes which for a. Hardin threw his own prying sacrilege;
* Stephen R Marenka ([EMAIL PROTECTED]) [060919 15:20]:
> I think we do need to have a discussion about ports that don't build the
> full archive, but otherwise can make a stable release and get security
> support.
Agreed.
> I'd still like a stable, security-supported, m68k port. It doesn't ne
On Tue, Sep 19, 2006 at 04:42:16AM -0700, Brian Morris wrote:
> my impression of the current situation is that there
> is some fairly heavy politicking goings on here. one
> the action is not consistent with debian's published
> values of inclusiveness.
> also to give people the freedom to parti
13 matches
Mail list logo
