Description of problem: Have been contacted by members of the RHEL & CentOS communities who are consumers of Asterisk in EPEL6. The problem statement is that Asterisk has outstanding security vulnerabilities fixed upstream, and a number of bug fixes also fixed upstream. There are BZs for some of these issues for some time now: 1044204 1021094 1043923 903070 I have check for activity of the maintainer in bodhi and see recent activity for the same package in Fedora rawhide & F20 withing the past 30 days, but no action on EPEL6 for a about a year. I have also reached out to the maintainer myself asking if there is a reason the EPEL6 package has not been updated or should not be updated. So far (as of this writing) no response, so initiating "Policy_for_nonresponsive_package_maintainers" in the narrow scope of EPEL6. (http://fedoraproject.org/wiki/Policy_for_nonresponsive_package_maintainers)
ping?
I think it would be best if someone else took over the EPEL branches, as I no longer use Asterisk on CentOS/RHEL and have little motivation to maintain those branches. I've released ownership of the EPEL6 branch.