[Bug 518949] Review Request: brlcad - computer aided solid modelling and design
bugzilla at redhat.com
bugzilla at redhat.com
Wed Dec 16 15:42:55 UTC 2009
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=518949
--- Comment #17 from Toshio Ernie Kuratomi <a.badger at gmail.com> 2009-12-16 10:42:51 EDT ---
When an upstream is dead like you're saying tkImg and tkHTML3 are, the problem
of bundled and static libraries is exacerbated. In those cases, instead of
having to wait for multiple upstreams to discover problems, make fixes,
announce them, and then have the next upstream in the chain realise the problem
affects their bundled libraries, make fixes, and release updated tarballs, we
have upstreams whose source will never change even though there's known
security vulnerabilities. This makes it even more imperative that the packager
fixes these problems as soon as possible as the packager is the new upstream
for the package and if they package with these problems then the maintenance
burden for fixing those types of security problems falls entirely on them.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the Fedora-package-review
mailing list