Hi On Tue, 18 Jun 2019 17:10:03 +0200 Moritz Muehlenhoff <j...@inutil.org> wrote: > On Tue, Jun 18, 2019 at 05:35:55PM +1000, Dmitry Smirnov wrote: > > I would reclassify those vulnerabilities with lesser severity to avoid > > removal from Buster. > > That's certainly possible, but there's still the bigger issue that the > projects seems unmaintained. None of the developers even acknowledged > the report for three weeks. So what's going to happen if there's a severe > issue in rkt? Is there a fork or someone left who's picking this up? > Do you or anyone else in the maintainers feel comfortable to write patches > in the absense of upstream development?
As mentioned in bug 928227, rkt also FTBFS on arm64 and ppc64el last time that was tried. Paul https://buildd.debian.org/status/fetch.php?pkg=rkt&arch=arm64&ver=1.30.0%2Bdfsg-7%2Bb10&stamp=1552301141&raw=0 https://buildd.debian.org/status/fetch.php?pkg=rkt&arch=ppc64el&ver=1.30.0%2Bdfsg-7%2Bb10&stamp=1552301135&raw=0
signature.asc
Description: OpenPGP digital signature
