On Tue, 16 Jan 2018 at 09:09 Salvatore Bonaccorso <car...@debian.org> wrote:
> Hi, > > On Tue, Jan 16, 2018 at 06:56:19AM +0000, Tristan Seligmann wrote: > > On Mon, 15 Jan 2018 at 22:21 Moritz Mühlenhoff <j...@inutil.org> wrote: > > > > > Ok, I'll update the Debian Security Tracker accordingly, but we also > should > > > remove the package in the next stable point release. > > > Can you please also file a bug? (reportbug release.debian.org -> "rm") > > > > > > > Yes, good point; I have filed this as #887412. > > Does the same reasoning as well apply to the version in > oldstable/jessie? If so we might want to remove it from there as well > (just fill a second RM bug specific for the jessie version). > Done (#887415). The jessie version is too old to be affected by the security issue, but otherwise has the same problem (cannot connect to the network) as well as probably calculating fees for offline transacting that are way too low for the current situation.
