[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Proposal: remove krb5-appl (rlogin, rsh, telnet, ftp with krb5 support)

Brian May <brian@microcomaustralia.com.au> schrieb:
> --001a11c1fd62df72e504f0aac077
> Content-Type: text/plain; charset=UTF-8
>
> On 24 January 2014 04:14, Jelmer Vernooij <jelmer@samba.org> wrote:
>
>> > My proposal is to drop the package from the archive, but I wanted to
>> > give others a chance to shout out that I'm wrong and that there's some
>> > compelling use-case I've missed.
>> > If someone can convince me that the packages are useful I'm happy to
>> > spend some effort on them.
>> > However, I don't think that's the case.
>> FWIW we are currently having the same discussion for the Heimdal packages.
>>
>
> http://thread.gmane.org/gmane.comp.encryption.kerberos.heimdal.general/7608
>
> I think these old binaries could make the entire source package and all
> binary packages it builds look bad, if for example somebody discovers a
> serious security issue. Which is very possible, as I don't think anyone is
> really interested in the source code any more.

I agree with the removal. http://www.debian.org/security/2011/dsa-2375 was
already a sufficiently unpleasant christmas present (exploit was posted on
on 24th December)

Cheers,
        Moritz
Reply to: