[Pkg-openldap-devel] Bug#795428: OpenSLP 1.2 should not be part of stretch
Julien Cristau
jcristau at debian.org
Sun Feb 21 00:20:52 UTC 2016
Control: clone -1 -2 -3 -4 -5 -6 -7 -8
Control: reassign -2 cups 2.1.3-1
Control: retitle -2 cups: build-depends on libslp-dev
Control: reassign -3 kde-runtime 4:15.08.3-1
Control: retitle -3 kde-runtime: build-depends on libslp-dev
Control: reassign -4 kio-extras 4:15.08.3-1
Control: retitle -4 kio-extras: build-depends on libslp-dev
Control: reassign -5 nis 3.17-34
Control: retitle -5 nis: build-depends on libslp-dev
Control: reassign -6 ola 0.9.8-1
Control: retitle -6 ola: build-depends on libslp-dev
Control: reassign -7 openldap 2.4.42+dfsg-2
Control: retitle -7 openldap: build-depends on libslp-dev
Control: reassign -8 roaraudio 1.0~beta11-5
Control: retitle -8 roaraudio: build-depends on libslp-dev
On Thu, Aug 13, 2015 at 23:55:59 +0200, Moritz Muehlenhoff wrote:
> Source: openslp-dfsg
> Severity: serious
>
> The last maintainer upload of openslp happened in 2007
> and it's orphaned for 5.5 years now. The 1.2 branch is
> completely abandoned upstream.
>
> At the minimum the package should be upgraded to 2.0,
> but the comment at
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5177
> suggests it's completely abandoned upstream.
>
Cloning the bug against the reverse dependencies.
Cheers,
Julien
More information about the Pkg-openldap-devel
mailing list