Package: htdig Version: 1:3.2.0b6-1 Severity: important
Hi, in /etc/htdig/htdig.conf one reads: start_url: http://www.htdig.org/ If the Debian admin does not change this, each day the htdig.org website will be crawled. Multiplied by the number of Debian installation left in this default state, this could cause a DDoS for the htdig.org website. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (100, 'unstable'), (99, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-1-686 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages htdig depends on: ii debconf [debconf-2.0] 1.5.2 Debian configuration management sy ii libc6 2.3.999.2-8 GNU C Library: Shared libraries ii libgcc1 1:4.2-20060709-1 GCC support library ii libstdc++6 4.2-20060709-1 The GNU Standard C++ Library v3 ii lockfile-progs 0.1.10 Programs for locking and unlocking ii perl 5.8.8-6 Larry Wall's Practical Extraction ii zlib1g 1:1.2.3-13 compression library - runtime htdig recommends no packages. -- debconf information: * htdig/announce_package_split: * htdig/run-htnotify: false * htdig/run-rundig: true * htdig/generate-databases: false * htdig/keep-databases: htdig/dblocation-changed: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]