On Tue, Nov 11, 2003 at 11:59:24AM +0100, Martin Schulze wrote: I'm confused. On the one hand, you say:
> The regulations for stable are quite conservative. The requirements > for packages to get into stable are: > 1. The package fixes a security problem. An advisory by our own > Security Team is required. Updates need to be approved by the > security team. > 2. The package fixes a critical bug which can lead into data loss, > data corruption, or an overly broken system, or the package is > broken or not usable (anymore). > 3. The stable version of the package is not installable at all due to > broken or unmet dependencies or broken installation scripts. > It is ((1 OR 2 OR 3) AND 4) OR 5 But on the other hand: > aspell-en stable 0.33.7.1-8 alpha arm hppa i386 ia64 m68k powerpc > s390 sparc > aspell stable 0.33.7.1-8 alpha arm hppa i386 ia64 m68k powerpc > s390 sparc source > libaspell-dev stable 0.33.7.1-8 alpha arm hppa i386 ia64 m68k powerpc > s390 sparc > libaspell10 stable 0.33.7.1-8 alpha arm hppa i386 ia64 m68k powerpc > s390 sparc > > The license incorrectly says that it's LGPL but it is in fact > a unique license which is non-DFSG-free. A package I have recently adopted, scsh, is in the same case. It is in main, but in fact contains non-free parts. A (temporary, until all different authors are traced and that they can agree to free the code) solution is in sid (source, i386) and underway for the other arches and sarge. Does this warrant an update in a woody revision? Why? Is this considered a "Security issue", because it may cause people with guns (police) to come to your house and threaten you? Shall I then contact the security team about this, too? Shall I then prepare an updated package, with correct copyright file, for stable/non-free, and try to get people to compile it for all arches? -- Lionel
signature.asc
Description: Digital signature
