Bug#1093386: RM: libnet-easytcp-perl/0.26-6
Salvatore Bonaccorso
carnil at debian.org
Fri Jan 17 21:19:51 GMT 2025
Package: release.debian.org
Severity: normal
X-Debbugs-Cc: libnet-easytcp-perl at packages.debian.org, Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>, Gunnar Wolf <gwolf at debian.org>, team at security.debian.org, gregoa at debian.org, carnil at debian.org
Control: affects -1 + src:libnet-easytcp-perl
User: release.debian.org at packages.debian.org
Usertags: rm
Dear SRM,
This is the corresponding removal request for libnet-easytcp-perl from
stable, relating to #1093385 for unstable and testing.
libnet-easytcp-perl has security issues (CVE-2024-56830, note not the
same as CVE-2002-20002) where it fallsback to Perl's builtin rand() if
no strong randomization module is present, and Crypt::Random is not
packaged and used.
Furthermore is upstream basically unmaintained, the last version was
0.26 from 2004.
Additionally it has low popcon, so I think it is affordable for
removal.
It can be removed from stable:
|$ dak rm --suite=bookworm -n -R libnet-easytcp-perl
|Will remove the following packages from bookworm:
|
|libnet-easytcp-perl | 0.26-6 | source, all
|
|Maintainer: Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>
|
|------------------- Reason -------------------
|
|----------------------------------------------
|
|Checking reverse dependencies...
|No dependency problem found.
Regards,
Salvatore
More information about the pkg-perl-maintainers
mailing list