On 2016-11-20 18:02, Jonathan Wiltshire wrote: > In principle 'yes'; please prepare the diff and attach to this bug for > review.
Attached.
diff --git a/debian/NEWS b/debian/NEWS new file mode 100644 index 0000000..18ab932 --- /dev/null +++ b/debian/NEWS @@ -0,0 +1,14 @@ +wot (20151208-3) unstable; urgency=high + + * WOT has been identified as malware or spyware. + At least since 2015-04, it passes all complete URLs with an + additional user or browser id to their company server. + The company sells the data unfiltered and unanonimized to + paying customers. + + This package is an empty, transitional package to remove + WOT safely from your computer. + Make sure, that users don't have WOT installed by other + means than as Debian package. + + -- W. Martin Borgert <deba...@debian.org> Wed, 09 Nov 2016 20:25:45 +0000 diff --git a/debian/changelog b/debian/changelog index b1c9a53..e22783d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +wot (20131118-2) stable; urgency=high + + * Team upload + * Removed all code, because this is malware (Closes: #842939) + * Changed homepage to Debian wiki page about the malware incident + + -- W. Martin Borgert <deba...@debian.org> Wed, 23 Nov 2016 22:22:56 +0000 + wot (20131118-1) unstable; urgency=low * Team upload diff --git a/debian/control b/debian/control index 3a1c365..273976b 100644 --- a/debian/control +++ b/debian/control @@ -2,10 +2,10 @@ Source: wot Section: web Priority: optional Maintainer: Debian Mozilla Extension Maintainers <pkg-mozext-maintain...@lists.alioth.debian.org> -Uploaders: Fabrizio Regalli <fab...@fabreg.it> -Build-Depends: debhelper (>= 8), mozilla-devscripts (>= 0.29~), node-uglify +Uploaders: David Prévot <taf...@debian.org> +Build-Depends: debhelper (>= 8) Standards-Version: 3.9.5 -Homepage: https://www.mywot.com +Homepage: https://wiki.debian.org/Mozilla/WOT Vcs-Git: git://anonscm.debian.org/pkg-mozext/wot.git Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-mozext/wot.git @@ -16,8 +16,8 @@ Recommends: ${xpi:Recommends} Provides: ${xpi:Provides} Enhances: ${xpi:Enhances} Breaks: ${xpi:Breaks} -Description: show which websites are trustworthy - WOT is the leading website reputation rating tool and one of - Mozilla’s most popular add-ons. WOT uses an intuitive - traffic-light style rating system to help you know which - websites are trusted when you search, surf and shop online. +Description: Transitional package to safely remove WOT + WOT is a malware providing users browser habits to paying + customers. It has therefore been disabled in Debian. + . + This package can be safely removed after upgrade. diff --git a/debian/rules b/debian/rules index e3f9169..41276fa 100755 --- a/debian/rules +++ b/debian/rules @@ -1,17 +1,9 @@ #!/usr/bin/make -f %: - dh $@ --with xul-ext --buildsystem=xul_ext - -override_dh_auto_build: - mv $(CURDIR)/chrome/wot.jar\!/content/libs/jquery.js $(CURDIR)/debian/jquery.js.bkp - uglifyjs -o $(CURDIR)/chrome/wot.jar\!/content/libs/jquery.js \ - $(CURDIR)/chrome/wot.jar\!/content/libs/jquery-ui-1.9.2.custom.js - dh_auto_build -O--buildsystem=xul_ext - mv $(CURDIR)/debian/jquery.js.bkp $(CURDIR)/chrome/wot.jar\!/content/libs/jquery.js + dh $@ override_dh_auto_install: - install-xpi --remove-license-files xul-ext-wot.xpi - rm -r $(CURDIR)/debian/xul-ext-wot/usr/share/xul-ext/wot/META-INF + true override_dh_installchangelogs: dh_installchangelogs $(CURDIR)/debian/upstream-changelog
