Comment 33 for bug 328442
Revision history for this message
| Martin Pitt (pitti) wrote Re: [Bug 328442] Re: Tor 0.1.2.x abandoned by upstream, update to 0.2.0.34 | #33 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
Eric B. [2009-04-28 7:15 -0000]:
> So, let me get this right: Tor is in both hardy- and intrepid-proposed,
> but has been removed from the jaunty repositories?
Correct.
> Following the previous comments is confusing; why is it like this again?
Because nobody stepped up in time in Jaunty to commit to maintaining
it.
> If its a maintainer issue, why is it in *-proposed?
Because tor is and remains in stable releases (hardy, intrepid), and
Runa kindly stepped up to provide and thoroughly test newer tor
versions for those.
> I was using the latest version in jaunty just fine until I installed the
> jaunty release from scratch and discovered it had been removed. Now I'm
> left attempting to verify trust chains to get a properly signed version,
> or mixing an old *-backports repository into my package database.
You should use the upstream provided packages instead.
> At least throw it into jaunty-backports
That wouldn't work -- where to backport it from?
> I mean, its being supported by Debian, isn't that enough to at least
> get unsupported status?
This is true for most packages, but tor is a bit special, since unlike
for many other packages, old tor versions pose a security risk.
Either we find someone who can commit to maintaining tor in Ubuntu on
an ongoing basis, or we shouldn't have the package in Ubuntu at all.
This was discussed with tor's upstream, too.