> Neil Schemenauer > 56472 followup: has patch been accepted? is NMU useful?
The maintainer applied my patch, uploaded and closed the bug. > 80888 followup: work out what to do about this package This is the dnrd security bug. I still don't know what to do about it. I don't have time nor do I want to rewrite a piece of software I don't use. The upstream maintainer does not seem to care. The Debian maintainer does not have the experience. The daemon runs under its own UID in a chroot jail so a cracker would have a tough time doing any damage. However, if you are sufficiently paranoid, you would not use the package. Should we remove it? I'm paranoid but I wouldn't use sendmail or bind either. Does that mean we should remove them from Debian? > 119851 followup: NMU needed; should package be marked as orphaned? I did an NMU. It looks like someone is going to take over gap4. Should I still orphan it? > 143852 followup: response from the maintainer needed I got a reponse from both the maintainer and upstream maintainer. They both think my suggestion would fix the bug. Unfortunately, it looks like this package is not a priority for the upstream maintainer. I guess I should pester them to see if they are planning to do anything. > 148726 [ ] libsasl-gssapi-heimdal dependency problems > 151753 [ ] korganizer: Rebuild with libpisock5 No progress on these two yet (sorry, I'm low on spare time). The maintainer has a lot of bugs open against the sasl2 package, many of them over a year old, two of them grave. > um-pppd There is already a bug open for this package. I attached a patch to fix the build problem to the bug. > ttthreeparser This package is not going into testing because it depends on antlr. antlr is not getting in because kaffe is not getting in. There is already a bug filled against kaffe. I assume I should not file one against ttthreeparser. > amp Someone already filed a bug against this package. Neil
