1 |
On 2/02/2013 00:36, Wulf C. Krueger wrote: |
2 |
> -----BEGIN PGP SIGNED MESSAGE----- |
3 |
> Hash: SHA1 |
4 |
> |
5 |
> On 01.02.2013 14:26, Rich Freeman wrote: |
6 |
>> As long as it builds on 80%+ of systems and has no serious issues |
7 |
>> (security in particular) there is no reason to remove a package. |
8 |
> |
9 |
> And how will you get to know about current or future security issues if |
10 |
> nobody (in Gentoo) cares about the package? |
11 |
The security team routinely monitors various information sources to |
12 |
ensure that issues are tracked regardless of maintainer. |
13 |
|
14 |
>> Remove things when they cause problems, not before. |
15 |
> |
16 |
> You mean, not before your users' systems have been compromised and they |
17 |
> complain loudly about it? |
18 |
> |
19 |
> Best regards, Wulf |
20 |
> -----BEGIN PGP SIGNATURE----- |
21 |
> Version: GnuPG v2.0.19 (GNU/Linux) |
22 |
> Comment: Using GnuPG with undefined - http://www.enigmail.net/ |
23 |
> |
24 |
> iEYEARECAAYFAlELxNgACgkQnuVXRcSi+5qP8wCghvWTuQvcFfJojX9HS8Jln6O/ |
25 |
> 144AnipUMY1NU8DbrtzesEbvpSHeYkPt |
26 |
> =awFq |
27 |
> -----END PGP SIGNATURE----- |
28 |
> |
29 |
> |