Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > linux.debian.maint.java > #9981
| From | Miguel Landaeta <nomadium@debian.org> |
|---|---|
| Newsgroups | linux.debian.maint.java |
| Subject | Re: Security issue in groovy<2.5.0 |
| Date | 2017-09-05 22:00 +0200 |
| Message-ID | <umsaR-7dY-5@gated-at.bofh.it> (permalink) |
| References | <um5nX-16D-13@gated-at.bofh.it> |
| Organization | linux.* mail to news gateway |
[Multipart message — attachments visible in raw view] - view raw
Hi, On Monday, September 4, 2017 09:35:46 PM CEST Felix Natter wrote: > > [...] > > which seems to violate §5.6.3. So how can we make a policy-compliant > team upload without becoming maintainer (I'd like to avoid taking over > groovy maintainership if possible)? > > Shall we set > Maintainer: Debian QA Group <packages@qa.debian.org> > according to Policy §3.3, even if we usually do team uploads? The Debian Java team should be kept as maintainer since groovy is not being orphaned. It's only the uploaders list that is not correct anymore. > Other than that: @Miguel, @Emmanuel, @Kai: do you agree to make a simple > 2.4.8-2 release with Miguel's changes only adding that patch? I'm just curious here, but what's the upstream rationale to don't release a hot fix for groovy if we are talking about a security issue? I agree with including the patch, especially if it's already merged at upstream and scheduled to be included in 2.5.0. Cheers, Miguel. -- Miguel Landaeta, nomadium at debian.org secure email with PGP 0x6E608B637D8967E9 available at http://miguel.cc/key. "Faith means not wanting to know what is true." -- Nietzsche
Back to linux.debian.maint.java | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
Security issue in groovy<2.5.0 Felix Natter <fnatter@gmx.net> - 2017-08-17 20:20 +0200
Re: Security issue in groovy<2.5.0 Felix Natter <fnatter@gmx.net> - 2017-08-26 18:20 +0200
Re: Security issue in groovy<2.5.0 Emmanuel Bourg <ebourg@apache.org> - 2017-08-26 18:50 +0200
Re: Security issue in groovy<2.5.0 Felix Natter <fnatter@gmx.net> - 2017-08-26 20:00 +0200
Re: Security issue in groovy<2.5.0 Felix Natter <fnatter@gmx.net> - 2017-08-26 20:40 +0200
Re: Security issue in groovy<2.5.0 Thorsten Glaser <t.glaser@tarent.de> - 2017-08-27 00:50 +0200
Re: Security issue in groovy<2.5.0 Felix Natter <fnatter@gmx.net> - 2017-08-28 19:10 +0200
Re: Security issue in groovy<2.5.0 Felix Natter <fnatter@gmx.net> - 2017-09-02 16:40 +0200
Re: Security issue in groovy<2.5.0 殷啟聰 | Kai-Chung Yan <seamlikok@gmail.com> - 2017-09-04 08:10 +0200
Re: Security issue in groovy<2.5.0 Felix Natter <fnatter@gmx.net> - 2017-09-04 21:40 +0200
Re: Security issue in groovy<2.5.0 Miguel Landaeta <nomadium@debian.org> - 2017-09-05 22:00 +0200
Re: Security issue in groovy<2.5.0 殷啟聰 | Kai-Chung Yan <seamlikok@gmail.com> - 2017-09-06 18:10 +0200
Re: Security issue in groovy<2.5.0 Paul Wise <pabs@debian.org> - 2017-09-07 05:00 +0200
Re: Security issue in groovy<2.5.0 Emmanuel Bourg <ebourg@apache.org> - 2017-08-26 18:20 +0200
Re: Security issue in groovy<2.5.0 Felix Natter <fnatter@gmx.net> - 2017-09-07 20:50 +0200
Re: Security issue in groovy<2.5.0 Emmanuel Bourg <ebourg@apache.org> - 2017-09-07 21:10 +0200
csiph-web