1 |
On Thursday, July 07, 2016 06:37:09 AM Duncan wrote: |
2 |
> J. Roeleveld posted on Wed, 06 Jul 2016 20:22:57 +0200 as excerpted: |
3 |
> > On Thursday, June 30, 2016 10:30:07 PM Aaron Bauman wrote: |
4 |
> >> # Aaron Bauman <bman@g.o> (30 Jun 2016) |
5 |
> >> # Unpatched security vulnerability per bug #509920. |
6 |
> >> # Removal in 30 days www-apps/egroupware |
7 |
> > |
8 |
> > Why is this bug being used to treeclean egroupware? |
9 |
> > |
10 |
> > Why is bug 461212 not being used to actually resolve the issue? |
11 |
> > If I would actually be confident that it would actually be used, I would |
12 |
> > have no issue on trying to get my latest ebuild ( version 14.3.20160525 |
13 |
> > ) converted to the latest standards. |
14 |
> |
15 |
> According to equery meta, egroupware has no individual developer |
16 |
> maintainer and no proxied maintainer, only the webapps project as |
17 |
> maintainer. And apparently there, nobody has been specifically |
18 |
> interested in egroupware, so it has fallen thru the cracks to some |
19 |
> degree, tho newer versions /may/ be in the webapps-experimental overlay. |
20 |
|
21 |
I tried contacting the web-apps project directly, but never received a reply. |
22 |
|
23 |
> Here's the webapps project wiki page: |
24 |
> |
25 |
> https://wiki.gentoo.org/wiki/Project:Webapps |
26 |
> |
27 |
> That has this to say when discussing the overlay, quote: |
28 |
> |
29 |
.... |
30 |
> |
31 |
> The overlay can be found here: |
32 |
> https://cgit.gentoo.org/proj/webapps-experimental.git/ |
33 |
|
34 |
Last commit in 2011. |
35 |
|
36 |
> Warning |
37 |
> Please remember that the applications available through the overlay might |
38 |
> compromise the security of your server! |
39 |
> |
40 |
> The overlay is an ideal playground for new developers wishing to join our |
41 |
> team. Once we see that you are capable of writing ebuilds of reasonable |
42 |
> quality, we can provide you with commit rights to the overlay. |
43 |
> |
44 |
> End quote. |
45 |
> |
46 |
> |
47 |
> So it's possible newer versions are in the overlay, and they simply |
48 |
> decided it was too much of a load to keep a version in the tree as well. |
49 |
> |
50 |
> If there /aren't/ newer versions in the overlay, presumably it's because |
51 |
> nobody that has access has been interested in maintaining it in the |
52 |
> overlay either. |
53 |
> |
54 |
> Either way, given your obvious interest, I'd suggest contacting them |
55 |
> about overlay commit rights, and/or volunteering to be the proxied |
56 |
> maintainer for this particular package. |
57 |
|
58 |
Is there a way of finding out who are actually in the web-app project and which |
59 |
of them would be able and willing to work with me on this and other web |
60 |
applications that I actively use? |
61 |
|
62 |
From the lack of response to the email and lack of updates on the overlay, the |
63 |
project seems dead to me. |
64 |
|
65 |
-- |
66 |
Joost |