Dear maintainers,

I would like to remove python-gdata from Debian Buster because it is
dead upstream, has had no upstream release since 2013, and has security
issues.

More specifically, it bundles an ancient version of tlslite, which
has known vulnerabilities: at least CVE-2014-3566, CVE-2013-0169 and
CVE-2011-3389. A newer version of tlslite was removed from Debian
in 2014, so I cannot even unbundle it.

I intend to NMU weboob, removing the unused recommendation, and bump
severities of the remaining bugs to release critical. I will bump
the severities after November 1st, 2018.

--
Dmitry Shachnev
