Bug#1093386: RM: libnet-easytcp-perl/0.26-6

Salvatore Bonaccorso carnil at debian.org
Fri Jan 17 21:19:51 GMT 2025


Package: release.debian.org
Severity: normal
X-Debbugs-Cc: libnet-easytcp-perl at packages.debian.org, Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>, Gunnar Wolf <gwolf at debian.org>, team at security.debian.org, gregoa at debian.org, carnil at debian.org
Control: affects -1 + src:libnet-easytcp-perl
User: release.debian.org at packages.debian.org
Usertags: rm

Dear SRM,

This is the corresponding removal request for libnet-easytcp-perl from
stable, relating to #1093385 for unstable and testing.

libnet-easytcp-perl has security issues (CVE-2024-56830, note not the
same as CVE-2002-20002) where it fallsback to Perl's builtin rand() if
no strong randomization module is present, and Crypt::Random is not
packaged and used.

Furthermore is upstream basically unmaintained, the last version was
0.26 from 2004.

Additionally it has low popcon, so I think it is affordable for
removal.

It can be removed from stable:

|$ dak rm --suite=bookworm -n -R libnet-easytcp-perl
|Will remove the following packages from bookworm:
|
|libnet-easytcp-perl |     0.26-6 | source, all
|
|Maintainer: Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>
|
|------------------- Reason -------------------
|
|----------------------------------------------
|
|Checking reverse dependencies...
|No dependency problem found.

Regards,
Salvatore



More information about the pkg-perl-maintainers mailing list