Should we release lukemftpd with sarge?
I'm wondering whether lukemftpd should be released with sarge or not.
Noah Meyerhans filed a critical security bug in August 2004 (#266370).
This has been fixed in an NMU but Noah also raised this point:
| It seems that lukemftpd no longer exists, at least not by that name.
| In the NetBSD vulnerability report you'll find the following:
| pkgsrc net/lukemftpd: Update pkgsrc, this package was
| renamed to tnftpd
| So it seems to me that this package has been superceded upstream. IMHO,
| we need to drop this package from Debian and (assuming somebody's
| interested) package tnftpd in its place.
I asked Takuo KITAME (the maintainer of lukemftpd in Debian) what he
thinks but never got a response. IMHO we shouldn't release lukemftpd
with sarge but I'm not sure I'm in a position to make that call.
What do the release people think?