Your message dated Mon, 7 Dec 2009 19:18:24 -0200
with message-id <20091207211824.ga5...@gladiador.dv.utfpr.edu.br>
and subject line Re: Bug#559627: ziproxy: should this package be removed?
has caused the Debian Bug report #559627,
regarding ziproxy: should this package be removed?
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
559627: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559627
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: ziproxy
Version: 2.5.2-2
Severity: serious
Justification: security-buggy, low popcon, two uploads ever
User: debian...@lists.debian.org
Usertags: proposed-removal
ziproxy seems like a possible candidate for removal from Debian:
* security-buggy (CVE-2009-0804: HTTP Host Header Incorrect Relay Behavior
Vulnerability) with no response from the maintainer
* low popcon (15 votes)
* runs as root, according to #543471
If you want to keep this package around in Debian, please just close this bug,
and do an upload to fix the issues in it.
If you don't think it's worth keeping, please send the following commands
to cont...@bugs.debian.org, replacing nnnnnn with this bug's number:
severity nnnnnn normal
reassign nnnnnn ftp.debian.org
retitle nnnnnn RM: <packagename> -- RoM; <reasons>
thanks
For more information, see
http://wiki.debian.org/ftpmaster_Removals
http://ftp-master.debian.org/removals.txt
Regards,
smcv
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
* Simon McVittie (s...@debian.org) wrote:
> Package: ziproxy
> Version: 2.5.2-2
> Severity: serious
> Justification: security-buggy, low popcon, two uploads ever
> User: debian...@lists.debian.org
> Usertags: proposed-removal
>
> ziproxy seems like a possible candidate for removal from Debian:
>
> * security-buggy (CVE-2009-0804: HTTP Host Header Incorrect Relay Behavior
> Vulnerability) with no response from the maintainer
> * low popcon (15 votes)
> * runs as root, according to #543471
>
> If you want to keep this package around in Debian, please just close this bug,
> and do an upload to fix the issues in it.
>
> If you don't think it's worth keeping, please send the following commands
> to cont...@bugs.debian.org, replacing nnnnnn with this bug's number:
>
> severity nnnnnn normal
> reassign nnnnnn ftp.debian.org
> retitle nnnnnn RM: <packagename> -- RoM; <reasons>
> thanks
>
> For more information, see
> http://wiki.debian.org/ftpmaster_Removals
> http://ftp-master.debian.org/removals.txt
>
> Regards,
> smcv
I will fix the bugs of the ziproxy package.
Sorry about this issue. The security-buggy was already fixed [1], but I had
problems with my sponsor to upload the package to the Debian repository. In a
few days I will send the upload using the mentors.debian.net service.
[1] http://git.debian.org/?p=collab-maint/pkg-ziproxy.git
Thanks,
Talau
signature.asc
Description: Digital signature
--- End Message ---
