On 3/3/07, Moritz Muehlenhoff <[EMAIL PROTECTED]> wrote:
Package: wordpress
Severity: serious
On behalf of the Security Team I'm requesting the removal of Wordpress
from Etch. There's a steady flow of security issues being found in
Wordpress and we don't believe it's sanely maintainable over the
course of 30-36 months. (Etch life-time)
I didn't know the debian security team was entitled to ask for package
removal based on FUD.
Wordpress is well maintained, both upstream and in Debian. What the heck?
As to the "even more worrying" point, let's just recall that this is
exactly what happened to openssh[0]. And we had a number of Debian
machines compromised. Shit happens, I don't think that's a reason to
ask for package removal. This is plain and pure FUD.
T-Bone
[0] http://www.openssh.com/txt/trojan.adv
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
