tags 854043 -patch thanks Hi,
Thank you for this bug report and patch, and sorry for the long delay without acknowledging it. On Fri, Feb 03, 2017 at 11:31:18PM +1100, Konomi Kitten wrote:
I have attached a patch to fix this, however the bug report has a comment mentioning that update-smart-drivedb is a security risk and has been dropped in releases above the current stable (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824149#10). I am therefor requesting the feature either be fixed in stable (whichever patch works best) or it be removed from the stable package for being a security risk.
Very sensible request. The situation today has moved on a little bit: the version in stable no longer carries update-smart-drivedb (because we released stretch after your bug was filed), so only oldstable (and old-oldstable) are now affected. Oldstable is being supported by the Debian LTS effort. Its possible that we could pursue dropping update-smart-drivedb from the oldstable package via the LTS route, but I'm not sure whether the LTS managers would be interested. We can ask... I don't think there's any likelyhood that we could get your patch applied there. I'm untagging this bug "patch" as a result, so the maintainer dashboards for smartmontools don't nag us to apply it :-) Sorry we didn't respond sooner, and thanks again for taking the time to try and fix this. -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Jonathan Dowland ⢿⡄⠘⠷⠚⠋⠀ https://jmtd.net ⠈⠳⣄⠀⠀⠀⠀
