Moritz Muehlenhoff wrote...
> Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4652
> for patches.
According to that page this affects only versions 13 and 14, and only
if TLS is enabled.
Currently there's 0.12.1 in Debian, and without TLS support. You
might want to close that bug report.
> Since this package is apparently both unmaintained, unused and lagging
> behind the current upstream, the cleanest solution might be a removal
> from the archive.
I have tried to convince the maintainers to keep up with upstream for
several months now, without success. NMU of upstream version 15 to
delayed/7 will follow within the next hours.
Christoph
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
