[Pkg-freeipa-devel] Bug#1085393: should dogtag-pki be removed from unstable?

Helmut Grohne helmut at subdivi.de
Fri Oct 18 20:38:44 BST 2024


Source: dogtag-pki
Version: 11.2.1-2
Severity: important
User: helmutg at debian.org
Usertags: sidremove

Hi,

in addition to automatic removal suggestions, I would like to suggest
removing dogtag-pki from unstable.

It is not part of bookworm nor trixie. It is a non-key leaf package. It
has been last uploaded more than a year ago. It has four distinct RC
bugs, of which one has a patch since at least four months. It also fails
to build from source since at least three months. It has a privilege
escalation vulnerability. It depends on tomcatjss, which is also rc
buggy and cannot be removed, because it has dogtag-pki as sole reverse
dependency.

If you disagree with the removal suggestion, please add a wontfix tag to
this bug. Otherwise, I'll reassign it into a proper removal bug in about
a month.

Helmut



More information about the Pkg-freeipa-devel mailing list