On Fri, Sep 03, 2010 at 06:56:04PM +0200, Julien Cristau wrote:
> On Mon, Feb 1, 2010 at 00:51:43 -0500, Daniel Kahn Gillmor wrote:
>
> > here is a revised patch for #511582 for opie, including a slightly
> > simpler fix for misaligned XORs and also fixing a lintian error and
> > several lintian warnings.
> >
> > However, it still does not resolve the licensing concerns described on
> > this bug, and it also leaves several lintian warnings unresolved:
> >
> > W: opie source: package-uses-deprecated-debhelper-compat-version 3
> > W: opie source: debian-rules-sets-DH_COMPAT line 5
> > W: opie source: ancient-standards-version 3.6.1.0 (current is 3.8.3)
> > W: opie-server: non-standard-file-perm etc/opiekeys 0600 != 0644
> > W: opie-server: setuid-binary usr/bin/opiepasswd 4755 root/root
> >
> > In particular, i'm concerned that this package has a setuid binary, has
> > had only NMUs since 2004, hasn't been reviewed for recent Standards or
> > debhelper versions, and http://bugs.debian.org/511582#30 suggests that
> > the maintainer seems to think that we should move away from the codebase.
> >
> > I'm wondering if we should remove the package from the archive entirely
> > as a result of this review. I'm not comfortable NMUing a package with
> > these outstanding concerns.
> >
> In order to remove the package, we'd have to remove its reverse
> dependencies, or change them to not need libopie-dev. According to dak,
> that would be cyrus-sasl2, inetutils and libpam-opie. Is opie an
> optional dependency for those packages (I'm guessing not for
> libpam-opie, no idea for the others)?
cyrus-sasl2 would need to drop the libsasl2-modules-otp binary package.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
