Ola Lundqvist wrote: > > > I haven't managed to find any more bugs relating to this particular > > > security hole that isn't fixed by the previous patch in this bug > > > report. kronolith seems to be fairly badly coded wrt security > > > issues though. I'd suggest depreciating kronolith1 and forcing > > > people on to kronolith2, whcih although only a little better, is > > > actually supported upstream. > > > > The problem is that kronolith2 depends on version 3 of the horde > > framework (rather than version 2), that the two versions of horde > > cannot meaningfully cooperate and there are still some horde2 > > applications that have not been ported to horde3. Basically, upstream > > has abandoned horde2 before they ported all their OWN code to horde3. > > > > So dropping horde2 is a regression, which explains why we haven't done > > it yet. But I'm toying with the idea, as we cannot meaningfully > > support it anyway. Ola, your opinion? > > If kronolith1 (named kronolith) can not be fixed, and is not supported > at all by upstream I think we should drop it.
It seems to be removed already. Regards, Joey -- Everybody talks about it, but nobody does anything about it! -- Mark Twain Please always Cc to me when replying to me on the lists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]