Simon McVittie wrote:
> Package: aolserver
> Version: 4.5.1-18.1
> Severity: serious
> Justification: network-facing service, appears unmaintained upstream
> User: debian...@lists.debian.org
> Usertags: proposed-removal
>
> Turning this into a proposed-removal bug.
>
> On Tue, 27 Feb 2018 at 14:57:59 +0100, Sebastian Andrzej Siewior wrote:
> > I stumbled upon aolserver4 because aolserver4-nsopenssl is bot building
> > against openssl 1.1 and the former is the only user.
> > The first upload of aolserver4 4.5.1 was in 2009. I assume that this was
> > the last release of the server by upstream. The homepage referenced in
> > the package provides a (port 80 only) redirect to aol.com which does not
> > mention the server (or I can't find it). The aol.com domain seems to be
> > served by Apache Traffic Server. I get the feeling that AOL is no longer
> > looking after its server from the old days.
> > The popcon for the package is low.
> >
> > So my question: Can we remove aolserver4 from the archive?
>
> debian/copyright points to http://aolserver.sf.net/ where the latest news
> item is about it being copied to github in 2010.
> https://github.com/aolserver/aolserver got its latest commit in 2009.
>
> This looks fairly dead to me, and unless its maintainer knows better, I
> don't think there is going to be any upstream security support.
Ack, let's proceed with removal I'd say.
Cheers,
Moritz
