Security support of axis2c

To: debian-lts@lists.debian.org
Subject: Security support of axis2c
From: Raphael Hertzog <hertzog@debian.org>
Date: Mon, 22 Sep 2014 14:58:35 +0200
Message-id: <[🔎] 20140922125835.GA22827@x230-buxy.home.ouaza.com>
Mail-followup-to: Raphael Hertzog <hertzog@debian.org>, debian-lts@lists.debian.org

Hello,

while going through the list of open CVE in oldstable I stumbled upon two
issues concerning axis2c:
https://security-tracker.debian.org/tracker/source-package/axis2c

None of those issues are fixed upstream and they are also not fixed
in unstable. It looks like the software is mostly dead upstream with
no new releases for years.

Shall we declare that axis2c is no longer supportable on squeeze?

If yes, what's the way to do that, opening a bug report against
debian-security-support? (IIRC we used to drop the package
from the release entirely during point releases but this
is not possible here).

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Discover the Debian Administrator's Handbook:
→ http://debian-handbook.info/get/

Reply to:

Follow-Ups:
- Re: Security support of axis2c
  - From: Holger Levsen <holger@layer-acht.org>

Prev by Date: Re: packages-to-support vs rails EOL
Next by Date: Re: Security support of axis2c
Previous by thread: Re: packages-to-support vs rails EOL
Next by thread: Re: Security support of axis2c
Index(es):
- Date
- Thread