Laurens Blankers:
>
> Two days ago an article was posted on Linux.com about setting up
> 2-factor authentication using the libpam-google-authenticator package [1].
>
> Looking at the Debian package [2] I noticed it was last updated August
> 2013, however the source at GitHub has been updated as recently as 2
> days ago. Browsing through the commit log [3] indicates lots of issues
> related to memcpy, malloc, and SIGSEGV have been fixed since 2013.
>
> How do I determine whether whether this package is safe to use?
You already have all the information. Since the package was not updated
in Debian since 2013 even though upstream published significant changes,
you should consider it abandoned. I am not completely sure, but I think
somebody should file an RC bug so that it doesn't become part of the
next Debian stable unless a new upstream version is uploaded.
See also bug #771140 from 18 months ago.
J.
--
After the millenium I will shoot to kill.
[Agree] [Disagree]
<http://archive.slowlydownward.com/NODATA/data_enter2.html>
Attachment:
signature.asc
Description: Digital signature