[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security in sarge

On Tue, Sep 28, 2004 at 05:12:15PM +0200, Tobias Stefan Richter wrote:
> >> > pavuk (unfixed; bug #264684) for DSA-527
> >
> >> pavuk 0.9pl28-3 fixed that. #264684 is left open only for the other
> >> security hole mentioned there. We might need a DSA for that hole..
> >> I'm not explicitly tracking it since it already has an RC bug.
> >
> > Package is in a weird state in the archive (binaries but no sources);
> > requires an ftpmaster to look at it, preferably for removal from sarge.
> >
> [...]
> >> rlpr (unfixed; bug #255402) for DSA-524

> > rlpr is in the same state as pavuk above.

> I didn't look into pavuk, but rlpr has as far as I see no weird state.

You seem to be right, though previous attempts to cleanly remove this
package from testing had failed.

> The latest Debian version is from the above DSA (2.02-7woody1), which 
> could savely be included in sarge. Upstream has 2.05, though.
> I would not like to see it removed.

Are you willing to maintain the package yourself?

Steve Langasek
postmodern programmer

Attachment: signature.asc
Description: Digital signature

Reply to: