[Secure-testing-team] py-asterisk REMOVED from testing

Julien BLACHE jblache at debian.org
Mon Oct 15 09:08:57 UTC 2007


Luk Claes <luk at debian.org> wrote:

Hi,

>> Could someone explain why py-asterisk and libasterisk-agi-perl got
>> pulled from testing due to security concerns in *asterisk* itself ?
>
> Because asterisk maintainers apparantly aren't interesting in making 
> sure stable and secure packages reach testing as this is already taking 
> months and even before the release these packages were more than once in 
> a very bad shape, I thought they wouldn't mind... I guess I was wrong, 
> though I can still be convinced to remove all their packages from 
> testing if I was right after all...

I have trouble understanding why you've removed unrelated
packages. asterisk has security issues, you pull it from testing along
with dependent packages, end of the story. Why remove other packages
that have no relationship with asterisk as far as the testing scripts
are concerned ?

Even if we were to ship a stable release without asterisk itself,
packages like py-asterisk and libasterisk-agi-perl are still useful.

> Ok, purged removal hints for these two for now...

Thanks !

> Please, pretty please can someone preferably more than one take care of 
> the VOIP packages appropriately so removals of testing and release team 
> wasting time on them is not necessary anymore, TIA!

I understand why you're pissed at asterisk. I am too. But this is
being worked on and some people are putting a lot of energy into
that. In the meantime, please avoid collateral damages :)

Thanks,

JB.

-- 
 Julien BLACHE - Debian & GNU/Linux Developer - <jblache at debian.org> 
 
 Public key available on <http://www.jblache.org> - KeyID: F5D6 5169 
 GPG Fingerprint : 935A 79F1 C8B3 3521 FD62 7CC7 CD61 4FD7 F5D6 5169 



More information about the Secure-testing-team mailing list