Source: libdkim Version: 1:1.0.21-4 Severity: important X-Debbugs-Cc: [email protected], Magnus Holmgren <[email protected]>, Package Salvaging Team <[email protected]>
Dear Magnus, I suggest removing libdkim from Debian for the following reasons: * Dead upstream * security concern since it allows trivially factorable keys to produce apparently valid signatures (see bug #893461) * There are nearly no votes in popcon https://qa.debian.org/popcon-graph.php?packages=libdkim1d&show_vote=on&want_legend=on&want_ticks=on&from_date=&to_date=&hlght_date=&date_fmt=%25Y-%25m&beenhere=1 * Vcs fields point to inaccessible SVN * Last upload 9 years ago This bug serves as a pre-removal warning. After one month, the bug will be reassigned to ftp.debian.org to actually request removal of the package. In case the package should be removed from unstable, you may reassign this bug report: Control: severity -1 normal Control: retitle -1 RM: libdkim -- RoM; Potentially insecure, dead upstream Control: reassign -1 ftp.debian.org Control: affects -1 + src:libdkim Alternatively, you may wait a month and have it reassigned. In case you disagree with the above, please add a wontfix tag to this bug. Control: tags -1 + wontfix This package was highlighted in the Bug of the Day[3] initiative, which aims to introduce newcomers to manageable tasks and guide them through the workflow to solve them. The focus of this initiative is on migrating packages to Salsa, as it's a great way to help newcomers become familiar with a consistent Git-based workflow. Kind regards Andreas. [1] https://salsa.debian.org/qa/tiny_qa_tools/-/wikis/Tiny-QA-tasks -- System Information: Debian Release: forky/sid APT prefers testing APT policy: (501, 'testing'), (50, 'buildd-unstable'), (50, 'unstable'), (5, 'experimental'), (1, 'buildd-experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.12.38+deb13-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE:de Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
