On Sat, May 07, 2005 at 04:12:05PM +0200, Norbert Tretkowski wrote: > * Brian M. Carlson wrote: > > The version in sarge[0] is vulnerable to a bug about data loss > > because of data encrypted to the wrong key (299814) and a security > > bug about using gnupg as an oracle in automated environments > > (300859). The latter bug affects sid too. > Looks like James is no longer interested in maintaining gnupg. He > doesn't respond to bugreports, and he also didn't respond to mails > from the release managers where they asked him if a newer version of > gnupg should get pushed into sarge. > So, how to proceed? It's a package with release-critical bugs; if the maintainer isn't able to take care of fixing them, an NMU is needed. -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature