Hello, while going through the list of open CVE in oldstable I stumbled upon two issues concerning axis2c: https://security-tracker.debian.org/tracker/source-package/axis2c
None of those issues are fixed upstream and they are also not fixed in unstable. It looks like the software is mostly dead upstream with no new releases for years. Shall we declare that axis2c is no longer supportable on squeeze? If yes, what's the way to do that, opening a bug report against debian-security-support? (IIRC we used to drop the package from the release entirely during point releases but this is not possible here). Cheers, -- Raphaël Hertzog ◈ Debian Developer Discover the Debian Administrator's Handbook: → http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
