Anand Kumria <[EMAIL PROTECTED]> writes:
>> The ffmpeg library in debian is a problem case and probably should not
>> be in there. That issue hasn't been decided yet and till then anything
>> using it stays stuck.
>
> Really? Excellent then. I would expect that gstreamer0.10-ffmpeg,
> recently uploaded, to be stuck in NEW for a year (at least) then.
>
> If it isn't then your theory is wrong.
>
> What you are saying that is that a sceanario such as:
> - a company (e.g. Unisys) asserting a patent on
> - a file format (e.g. GIF) which has
> - a library (e.g. libgif) which is used by
> - an application (e.g. gimp)
>
> should result in further uploads of the gimp being held indefinately in
> the NEW queue until such time as any perceived library patent problem is
> resolved.
If gimp contained the libgif source code then yes. For that and
code/bug duplicating reasons.
So if you run into such a case better make sure not to get gimp into
the NEW queue or it stays there for a while.
> I'd argue that either:
> - the library, and all dependant program be removed from the
> archive
> - that applications merely linked to the library be allowed in
> but that the library maintainer be asked to remove the
> offending code
>
> In the spirit of Anthony's blog entry [1], I've CC'd him for an informal
> opinion about that.
Both would be ok. But this case doesn't fall under this. It contains a
copy of the source it seems.
Imho that alone is already grounds for rejection or we create a
situation like zlib where every package had a copy and the same
security exploit.
MfG
Goswin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
