Package: release.debian.org Severity: normal X-Debbugs-Cc: libnet-easytcp-p...@packages.debian.org, Debian Perl Group <pkg-perl-maintain...@lists.alioth.debian.org>, Gunnar Wolf <gw...@debian.org>, t...@security.debian.org, gre...@debian.org, car...@debian.org Control: affects -1 + src:libnet-easytcp-perl User: release.debian....@packages.debian.org Usertags: rm
Dear SRM, This is the corresponding removal request for libnet-easytcp-perl from stable, relating to #1093385 for unstable and testing. libnet-easytcp-perl has security issues (CVE-2024-56830, note not the same as CVE-2002-20002) where it fallsback to Perl's builtin rand() if no strong randomization module is present, and Crypt::Random is not packaged and used. Furthermore is upstream basically unmaintained, the last version was 0.26 from 2004. Additionally it has low popcon, so I think it is affordable for removal. It can be removed from stable: |$ dak rm --suite=bookworm -n -R libnet-easytcp-perl |Will remove the following packages from bookworm: | |libnet-easytcp-perl | 0.26-6 | source, all | |Maintainer: Debian Perl Group <pkg-perl-maintain...@lists.alioth.debian.org> | |------------------- Reason ------------------- | |---------------------------------------------- | |Checking reverse dependencies... |No dependency problem found. Regards, Salvatore
