[Secure-testing-commits] r14051 - data/CVE
Moritz Muehlenhoff
jmm at inutil.org
Sun Feb 7 18:16:33 UTC 2010
On Sun, Feb 07, 2010 at 01:07:09PM -0500, Michael Gilbert wrote:
> On Sun, 7 Feb 2010 18:03:29 +0000 Moritz Muehlenhoff wrote:
>
> > Author: jmm-guest
> > Date: 2010-02-07 18:03:23 +0000 (Sun, 07 Feb 2010)
> > New Revision: 14051
> >
> > Modified:
> > data/CVE/list
> > Log:
> > Revert commit: The flash plugin is _not_ shipped by Debian.
> > Having it installed through the installer script is in
> > no way covered by security support
>
> all of non-free is unsupported. how is this any different? regardless
> of security support, packages in the archive should be tracked.
It doesn't contain the Flash plugin, it's just an installer. Anyone
you uses, it needs to check for Adobe advisories on his own. We've
decided to treat external installer packages like this one two years
ago.
> i really wish you would bring these things up with me first so we can
> discuss beforehand. commit/decommit is no fun.
Exactly, if _you_ had asked before committing it, I wouldn't have had
to revert it :-)
Cheers,
Moritz
More information about the Secure-testing-commits
mailing list