Bug#639645: opu: package xpdf/3.02-1.4+lenny4

[Michael Gilbert <michael.s.gilbert@gmail.com>]

Michael Gilbert wrote:
> > In any case, I'm not entirely convinced that a NEWS file is the
> > right location to be making a statement that seems in danger of
> > approaching "this package isn't getting security support in lenny".
> 
> So, an EOL could be declared on t1lib, but there are many dependencies
> on it.  So, I saw the news file as more of a tool to educate the user
> on what to do to disable t1lib if they actually see these issues as
> concerns.  Another possibility would be to set t1lib=no in the default
> xpdfrc (which disables it) with instructions in NEWS.Debian on how to
> reenable it.

Any thoughts on what the right thing to do is here?  Whatever the
decision, that's what I'll implement, and I would really like to get
this into the upcoming lenny proposed-update.

Thanks,
Mike