* Marcus Meissner <meissner@suse.de> [2011-03-02 11:19]:
On Wed, Mar 02, 2011 at 10:43:51AM +0100, Guido Berhoerster wrote: ...
So we have two categories of packages left which cannot be in Factory, firstly software which is inherently insecure and cannot be maintained in Factory and secondly software which is volatile in nature. Do you have some examples or even numbers for these categories? Even rather nightmarish stuff like phpMyAdmin seems to be in Factory now and for the second category only
As community members submitted it, I take it they commit to maintain it for the lifetime of the openSUSE release its in.
For phpMyAdmin I just sent them a email making it very clear, that for it Security _requests_ active maintenance.
For other not-so-critical packages we can be a bit more relaxed, but not for phpMyAdmin, which was in the top-10 of security issues the last releases we had it.
(Chromium might be also a candidate, if we have commitment that updates get pushed as fast as we get them with Firefox.)
That is a good argument that we actually don't need such a repo at all. (phpMyAdmin was just an example based on what I frequently see in Apache logs and never part of Contrib.) -- Guido Berhoerster -- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-project+help@opensuse.org