Dear release team, Thank you for making a decision on the direction for bug #449497 in foo2zjs [1]. I believe that this is a reasonable choice for now due to the impending release. However, I would really like to see an honest and consructive conversation on the issue. I believe that there are some major security and functionality problems with fetching scripts, and there should be clear direction from the members of the debian project on the matter. I would like to be able to completely trust main, so it is my hope that developers would do everything in their power to keep main as clean and safe as possible. I am just a user, so I feel powerless to do anything, and my experience dealing with the foo2zjs maintainers was not exactly constructive [2],[3],[4] (primarily because of apathy, over-reactiveness, and hyper sensitivity on their part and perhaps a lack of appreciation for the bug severity command and control authority [5] on my part). Where do we go from here to make sure the issue gets the appropriate level of thought and consideration that it deserves (after lenny gets released of course)?
Best wishes, Michael Gilbert [1] http://lists.debian.org/debian-release/2008/11/msg00106.html [2] http://bugs.debian.org/449497 [3] http://bugs.debian.org/503813 [4] http://bugs.debian.org/503814 [5] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
