Re: [HEADSUP] Removing vulnerable packages

[Thomas Klausner <wiz%NetBSD.org@localhost>]

On Fri, Apr 01, 2011 at 12:58:07PM +0200, Joerg Sonnenberger wrote:
> On Fri, Apr 01, 2011 at 11:47:30AM +0200, Thomas Klausner wrote:
> > crossfire-server-1.11.0
> 
> Don't. Last release seems to be the 1.60.0 series?

Update? :)

> > mpop-1.0.12
> 
> Could be updated to 1.0.13. Issue not relevant in many forms of
> deployment.

I think you mean 1.0.23, and I just did the update.

> > mutt-1.4.2.3
> 
> Not sure if people want to move to mutt-devel...

Why not?

> > suse32_freetype2-10.0
> > suse32_gtk2-10.0
> > suse32_libcups-10.0
> > suse32_openssl-10.0
> > suse_freetype2-10.0
> > suse_gtk2-10.0
> > suse_libcups-10.0
> > suse_openssl-10.0
> 
> Not an option either...

Ok.

> > wxGTK-2.6.3
> > wxGTK24-2.4.2
> 
> I would like to see both die, but got objections from this "wiz" guy
> before :)

I retract my objection, let's see if anyone else has one.

> > zope210-2.10.7
> > zope211-2.11.2
> > zope29-2.9.10
> > zope3-3.3.1
> 
> Not sure how many users of Zope exists, different versions are partially
> incompatible though.

Perhaps we can weed them out. Let's see if someone uses any of them.
 Thomas