Source: dogtag-pki Version: 11.2.1-2 Severity: important User: helm...@debian.org Usertags: sidremove
Hi, in addition to automatic removal suggestions, I would like to suggest removing dogtag-pki from unstable. It is not part of bookworm nor trixie. It is a non-key leaf package. It has been last uploaded more than a year ago. It has four distinct RC bugs, of which one has a patch since at least four months. It also fails to build from source since at least three months. It has a privilege escalation vulnerability. It depends on tomcatjss, which is also rc buggy and cannot be removed, because it has dogtag-pki as sole reverse dependency. If you disagree with the removal suggestion, please add a wontfix tag to this bug. Otherwise, I'll reassign it into a proper removal bug in about a month. Helmut
