On Tuesday 19 February 2008 13:57, Romain Beauxis wrote: > Package: gnome-peercast > Version: 0.5.4-1.1 > Severity: grave > Tags: security > Justification: user security hole > > > Hi ! > > CVE-2007-6454 as been fixed for peercast, but since this package > includes a static version of the code, the vulnerability still applies > there. > > As a side note, I've already done a lot of things to try to fix this, > but upstream seems not to care at all, and didn't maintain this package > for 1 year (last upload was my NMU)...
So am I right to conclude that we'd better remove this package rather than to try and fix it? Thijs
pgpJRZyJWf49q.pgp
Description: PGP signature
