Bug#888255: RM? Upstream dropped support, security important, newer version packaged
Chris West
debian at fau.xxx
Wed Jan 24 11:18:32 UTC 2018
Source: netty-3.9
Version: 3.9.9.Final-1
Severity: normal
netty is complicated security code so needs support.
netty 3.x support was ended by upstream in Jun 2016[1].
netty 3.9 hasn't had an upstream commit/release since Jul 2015.
The latest version is packaged as "netty" and supported.
netty-3.9 needs a backport of the fix for https://bugs.debian.org/828451
which is blocking the openssl-1.0rm transition.
Current (build) rdeps:
activemq
aether
apache-curator
async-http-client
bookkeeper
eclipse-aether
elasticsearch
libgpars-groovy-java
maven-indexer
maven-resolver
osmosis
pomegranate-clojure
tycho
zookeeper
I do not think netty-3.9 should be released with Buster.
Can we start RMing it?
Cheers,
Chris.
1: https://netty.io/news/2016/06/29/3-10-6-Final.html
More information about the pkg-java-maintainers
mailing list