On Fri, Sep 03, 2010 at 06:56:04PM +0200, Julien Cristau wrote: > On Mon, Feb 1, 2010 at 00:51:43 -0500, Daniel Kahn Gillmor wrote: > > > here is a revised patch for #511582 for opie, including a slightly > > simpler fix for misaligned XORs and also fixing a lintian error and > > several lintian warnings. > > > > However, it still does not resolve the licensing concerns described on > > this bug, and it also leaves several lintian warnings unresolved: > > > > W: opie source: package-uses-deprecated-debhelper-compat-version 3 > > W: opie source: debian-rules-sets-DH_COMPAT line 5 > > W: opie source: ancient-standards-version 3.6.1.0 (current is 3.8.3) > > W: opie-server: non-standard-file-perm etc/opiekeys 0600 != 0644 > > W: opie-server: setuid-binary usr/bin/opiepasswd 4755 root/root > > > > In particular, i'm concerned that this package has a setuid binary, has > > had only NMUs since 2004, hasn't been reviewed for recent Standards or > > debhelper versions, and http://bugs.debian.org/511582#30 suggests that > > the maintainer seems to think that we should move away from the codebase. > > > > I'm wondering if we should remove the package from the archive entirely > > as a result of this review. I'm not comfortable NMUing a package with > > these outstanding concerns. > > > In order to remove the package, we'd have to remove its reverse > dependencies, or change them to not need libopie-dev. According to dak, > that would be cyrus-sasl2, inetutils and libpam-opie. Is opie an > optional dependency for those packages (I'm guessing not for > libpam-opie, no idea for the others)?
cyrus-sasl2 would need to drop the libsasl2-modules-otp binary package. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org