[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: [HEADSUP] Removing vulnerable packages
On Fri, 01 Apr 2011 22:55:19 +0900, Thomas Klausner <wiz%netbsd.org@localhost>
On Fri, Apr 01, 2011 at 10:33:04PM +0900, OBATA Akio wrote:
On Fri, 01 Apr 2011 21:02:32 +0900, Thomas Klausner <wiz%netbsd.org@localhost>
>Oh no. Can we rename one of them?
Hmm, After some digging...
From debian/copyright, it seemes that it is debianised (and folk?) of
From CHANGES, it seems that following is successor (or folk) of it.
So the dead version has the security issue?
Then we can remove it and fix the pattern so it doesn't match the less
dead one :)
Unfortunately, vulnerable one is www/ap-auth-mysql.
I'm not a bash user.
I could reproduced some of them, but I cannot check all of them.
Debian closed their bug report in 2009, so if we update to the latest
1.3, we should be fine to. (I'm not gonna do the update.)
OBATA Akio / obache%NetBSD.org@localhost
Main Index |
Thread Index |