On Sat, Feb 16, 2019 at 12:33:08PM +0000, Debian Bug Tracking System wrote: > Processing commands for cont...@bugs.debian.org: > > > severity 776246 grave > Bug #776246 [librsync1] MD4 collision/preimage attacks (CVE-2014-8242) > Severity set to 'grave' from 'important' > > thanks > Stopping processing here. > > Please contact me if you need assistance. Fixing this requires a transition and removing or patching rdiff-backup so
Checking reverse dependencies...
# Broken Depends:
burp: burp [amd64 arm64 armel armhf i386 kfreebsd-amd64 kfreebsd-i386 mips
mips64el mipsel ppc64el s390x]
csync2: csync2
duplicity: duplicity
rdiff-backup: rdiff-backup
# Broken Build-Depends:
burp: librsync-dev
csync2: librsync-dev
duplicity: librsync-dev (>= 0.9.6)
rdiff
rdiff-backup: librsync-dev
Unfortunately I was too demotivated by the initial state of new librsync
(1.0+) and the API breakage affecting rdiff-backup to proceed with this
during the release cycle.
--
WBR, wRAR
signature.asc
Description: PGP signature
