[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

majordomo concerns (and putting up for adoption)

Hey all,

As you may have noticed, some new majordomo security issues recently
popped up. The majordomo packages in all Debian releases are affected.
This is not 'the' security notice about this, by the way. FYI: details
in Bug#65018.

Majordomo's license is evil: we cannot modify the source and simply
rebuild the package, without violating the license (this has been
discussed before). I know Redhat did this. SuSE sent out a message some
time ago that they are not able to fix their majordomo package due to
the licensing.

At this very moment, no new upstream (fixed) version of majordomo
exists, and the way patches are currently applied (by providing them in
/usr/share/doc/majordomo) won't help in solving this new security
problem because the majordomo 'wrapper' binary has to be modified as
well (most of the rest of majordomo is perl).

As I don't use majordomo myself anymore, I want to put it up for
adoption. If anyone wants it, take it. If noone does, the package may
be removed from the distribution. There are (imho) good alternatives
available, like mailman.

Awaiting replies,


Reply to: