Package: ftp.debian.org
Severity: normal

Hi

As prompted by http://www.openwall.com/lists/oss-security/2017/11/07/4
and has been reported to the BTS as #881097:

libnet-ping-external-perl is basically unmaintained upstream and has a
command injection vulnerability reported upstream without having had a
reply. Thus thinking this is basically unmaintained upstream. The same
version is back in wheezy.

There are no packages depending on it in Debian, so it looks the
safest course of action is to remove it from unstable (possibly as
well from other suites later on via point release) and not having it
included in buster.

Regards
Salvatore

Reply via email to