[Mageia-dev] push java-1.7.0-openjdk

Sat Apr 21 16:04:09 CEST 2012

Le 21/04/2012 14:12, D.Morgan a écrit :
+> On Sat, Apr 21, 2012 at 2:03 PM, Guillaume Rousse
+> <guillomovitch at gmail.com>  wrote:
+>> Le 21/04/2012 13:44, D.Morgan a écrit :
+>>
+>>>> Thanks for taking care of the tomcats too.  tomcat5 just needs patched
+>>>> for the
+>>>> last two CVEs, and it'll be good to go.
+>>>>
+>>>
+>>> yes as told i will do :)  tomcat5 is the first on my todo ;)
+>>
+>> Do we really need to have 3 different tomcat versions in the distribution
+>> (5, 6 and 7) given the relatively high maintainance cost ? I'd rather drop
+>> tomcat 5 than continue to have it on the list of blocker bugs before every
+>> release.
+>
+> this is planned for mga3 when we will have ported all packages needing
+> tomcat5 to use a newer version.
+I'd rather first have the same interrogation for those packages before 
+investing any manpower in porting them: do we really need all of them in 
+the distribution ?
+
+For instance, struts12 is a deprecated version of struts, dating from 
+2005, whereas current major version is 2.3. tiles20 is a deprecated 
+version of tiles, whose current version is 2.2.2. Etc...
+
+I would have nothing againt those gazillion packages being present in 
+the distribution if their had no side-effect for the rest of the world 
+not using them. However, they do, when they involves release-blockers 
+bugs. And given you're almost the only guy working on the java stack, 
+I'd personnaly prefer to have you working on real issues affecting end 
+users (for instance #2516 and  #2517) than fixing security issues for 
+softwares very unlikely to be used at all...
+
+My point is that we could achieve better results with more focused 
+objectives in this regard.
+-- 
+BOFH excuse #103:
+
+operators on strike due to broken coffee machine
+