On Tue, Jun 16, 2026 at 05:48:42AM +0200, Salvatore Bonaccorso wrote: > Source: libcrypt-dsa-perl > Version: 1.20-1 > Severity: serious > Justification: not suitable for stable release > X-Debbugs-Cc: Dominic Hargreaves <[email protected]>, [email protected], > [email protected] > > Hi > > Cc'ing in particular Dominic if he wants to raise an objection. > > Crypt::DSA is deprecated and should actually not be used anymore, has > security issues (which though got fixed so far). > > I propose to still keep libcrypt-dsa-perl out of testing and not to > get included in forky. If Dominic agrees maybe even already remove it > from unstable/testing. There are no issues with the removal itself: > > ,---- [ dak rm --suite=unstable -n -R libcrypt-dsa-perl ] > | Will remove the following packages from unstable: > | > | libcrypt-dsa-perl | 1.21-1 | source, all > | > | Maintainer: Debian Perl Group <[email protected]> > | > | ------------------- Reason ------------------- > | > | ---------------------------------------------- > | > | Checking reverse dependencies... > | No dependency problem found. > `---- > > And there is low and sinking popcon usage: > https://qa.debian.org/popcon.php?package=libcrypt-dsa-perl
No concerns on my side; despite being in the Uploaders list, I don't recall any particular use case. Dominic
