[Pkg-sass-devel] Bug#921952: Bug#921952: Don't include in buster without proper commitment to update in stable
Moritz Mühlenhoff
jmm at inutil.org
Mon Mar 11 19:32:08 GMT 2019
On Mon, Mar 11, 2019 at 12:29:10PM +0100, Jonas Smedegaard wrote:
> control: reopen -1
>
> Quoting Jonas Smedegaard (2019-03-11 12:22:03)
> > Quoting Moritz Muehlenhoff (2019-02-10 14:47:49)
> > > Source: libsass
> > > Severity: serious
> > >
> > > None of the security bugs filed in the BTS has seen any maintainer followup
> > > (dating back to 2017 in some cases), and that's just the tip of the iceberg,
> > > the security tracker lists many more.
> > >
> > > Unless someone steps forward and commits to properly maintain it during the
> > > lifetime of a stable release, let's not include it in buster.
> >
> > I have now looked closer at this issue, and disagree that this package
> > has a bug of general neglect. Closing this bugreport accordingly.
>
> Whoops - I have no idea how I could manage to "investigate" but miss the
> amount of bugreports that I now see (and are not new).
>
> Reopening. Sorry for the noise.
In addition there's also a fair number of security issues which don't
even have a bug filed, see
https://security-tracker.debian.org/tracker/source-package/libsass
Cheers,
Moritz
More information about the pkg-sass-devel
mailing list