Re: gnupg RC bugs

To: debian-release@lists.debian.org, nobse@debian.org
Subject: Re: gnupg RC bugs
From: Steve Langasek <vorlon@debian.org>
Date: Sat, 7 May 2005 15:52:13 -0700
Message-id: <[🔎] 20050507225208.GA9291@mauritius.dodds.net>
Mail-followup-to: debian-release@lists.debian.org, nobse@debian.org
In-reply-to: <[🔎] 20050507141204.GA24431@rollcage.inittab.de>
References: <[🔎] 1115215685.21930.31.camel@stonewall.crustytoothpaste.ath.cx> <[🔎] 20050507141204.GA24431@rollcage.inittab.de>

On Sat, May 07, 2005 at 04:12:05PM +0200, Norbert Tretkowski wrote:
> * Brian M. Carlson wrote:
> > The version in sarge[0] is vulnerable to a bug about data loss
> > because of data encrypted to the wrong key (299814) and a security
> > bug about using gnupg as an oracle in automated environments
> > (300859). The latter bug affects sid too.

> Looks like James is no longer interested in maintaining gnupg. He
> doesn't respond to bugreports, and he also didn't respond to mails
> from the release managers where they asked him if a newer version of
> gnupg should get pushed into sarge.

> So, how to proceed?

It's a package with release-critical bugs; if the maintainer isn't able to
take care of fixing them, an NMU is needed.

-- 
Steve Langasek
postmodern programmer

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: gnupg RC bugs
  - From: Norbert Tretkowski <tretkowski@inittab.de>

References:
- gnupg RC bugs
  - From: "Brian M. Carlson" <sandals@crustytoothpaste.ath.cx>
- Re: gnupg RC bugs
  - From: Norbert Tretkowski <nobse@debian.org>

Prev by Date: Re: Can nagios-plugins 1.4-4 enter testing?
Next by Date: Re: please push ruby1.8_1.8.2-6 to sarge
Previous by thread: Re: gnupg RC bugs
Next by thread: Re: gnupg RC bugs
Index(es):
- Date
- Thread