Re: Security in sarge
>> > pavuk (unfixed; bug #264684) for DSA-527
>> pavuk 0.9pl28-3 fixed that. #264684 is left open only for the other
>> security hole mentioned there. We might need a DSA for that hole..
>> I'm not explicitly tracking it since it already has an RC bug.
> Package is in a weird state in the archive (binaries but no sources);
> requires an ftpmaster to look at it, preferably for removal from sarge.
>> rlpr (unfixed; bug #255402) for DSA-524
> rlpr is in the same state as pavuk above.
I didn't look into pavuk, but rlpr has as far as I see no weird state.
The latest Debian version is from the above DSA (2.02-7woody1), which
could savely be included in sarge. Upstream has 2.05, though.
I would not like to see it removed.