On Sat, 2005-02-12 at 23:56 -0800, Steve Langasek wrote: > On Sat, Feb 12, 2005 at 11:29:38PM -0500, Steve Halasz wrote: > > My sponsor suggested I write to you and request that you consider the > > grass package in the NEW queue for Sarge. It fixes an RC security bug > > and a number of other problems. > > This bug is no longer RC because grass is no longer in testing (removed for > precisely this bug). If you want grass to be considerd for sarge, I would > recommend that you upload a version of the package that fixes the security > bug without introducing changes that require NEW processing by ftpmasters. >
I don't know if it's bad form to plead with the release team, but I'm going to try anyway. The former maintainers of this package did not have the time or maybe the interest to keep it up to date. I have spent a lot of effort getting the latest release packaged and now the 5.0.3 version that was in testing is old and busted and no longer maintained upstream. I tried to get upstream to patch the tempfile security bug in 5.0.3, but they had no interest. I can try to backport the fixes, but it will take considerable time and effort. Also 5.0.3 had to be statically linked, only builds on i386, and has a >30MB .deb. The 5.7.0+6.0.0beta2 package is by far the most expedient cure for what ails grass in Debian. It will be a much more current, usable, and maintainable offering for Sarge. Thanks for your time, Steve -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
