On Wednesday, 19 June 2019 1:10:03 AM AEST Moritz Muehlenhoff wrote: > On Tue, Jun 18, 2019 at 05:35:55PM +1000, Dmitry Smirnov wrote: > > I would reclassify those vulnerabilities with lesser severity to avoid > > removal from Buster. > > That's certainly possible, but there's still the bigger issue that the > projects seems unmaintained. None of the developers even acknowledged > the report for three weeks. So what's going to happen if there's a severe > issue in rkt? Is there a fork or someone left who's picking this up? > Do you or anyone else in the maintainers feel comfortable to write patches > in the absense of upstream development?
Moritz, I share your concerns. Upstream development is dormant and I fear
that _rkt_ is at risk of drifting to obsolescence.
Not much we can do about it...
Current situation with container engines is unfortunate. I know only one
actively maintained alternative to terrible Docker -- _libpod_ which is a
relatively new project partially based on Docker code.
_rkt_ is/was a better alternative...
--
Regards,
Dmitry Smirnov.
---
It is a fine thing to be honest, but it is also very important to be right.
-- Winston Churchill
signature.asc
Description: This is a digitally signed message part.
