Bug#511582: #511582: updated patch, also fixes lintian error (and a few lintian warnings)
Julien Cristau
jcristau at debian.org
Fri Sep 3 16:56:14 UTC 2010
On Mon, Feb 1, 2010 at 00:51:43 -0500, Daniel Kahn Gillmor wrote:
> here is a revised patch for #511582 for opie, including a slightly
> simpler fix for misaligned XORs and also fixing a lintian error and
> several lintian warnings.
>
> However, it still does not resolve the licensing concerns described on
> this bug, and it also leaves several lintian warnings unresolved:
>
> W: opie source: package-uses-deprecated-debhelper-compat-version 3
> W: opie source: debian-rules-sets-DH_COMPAT line 5
> W: opie source: ancient-standards-version 3.6.1.0 (current is 3.8.3)
> W: opie-server: non-standard-file-perm etc/opiekeys 0600 != 0644
> W: opie-server: setuid-binary usr/bin/opiepasswd 4755 root/root
>
> In particular, i'm concerned that this package has a setuid binary, has
> had only NMUs since 2004, hasn't been reviewed for recent Standards or
> debhelper versions, and http://bugs.debian.org/511582#30 suggests that
> the maintainer seems to think that we should move away from the codebase.
>
> I'm wondering if we should remove the package from the archive entirely
> as a result of this review. I'm not comfortable NMUing a package with
> these outstanding concerns.
>
In order to remove the package, we'd have to remove its reverse
dependencies, or change them to not need libopie-dev. According to dak,
that would be cyrus-sasl2, inetutils and libpam-opie. Is opie an
optional dependency for those packages (I'm guessing not for
libpam-opie, no idea for the others)?
Cheers,
Julien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-cyrus-sasl2-debian-devel/attachments/20100903/58736d37/attachment-0001.pgp>
More information about the Pkg-cyrus-sasl2-debian-devel
mailing list