[SCM] Crypt::RC4 packaging branch, master, updated. upstream/2.02-3-gdb01141

Nicholas Bamber nicholas at periapt.co.uk
Sun Sep 18 14:00:37 UTC 2011


The following commit has been merged in the master branch:
commit db01141bc1d1b5ccd611067dd996ed037f94dc0c
Author: Nicholas Bamber <nicholas at periapt.co.uk>
Date:   Sun Sep 18 15:05:48 2011 +0100

    Updated long description (Closes: #641950)

diff --git a/debian/changelog b/debian/changelog
index 6d08bb7..d7723bf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+libcrypt-rc4-perl (2.02-2) UNRELEASED; urgency=low
+
+  * Updated long description (Closes: #641950)
+
+ -- Nicholas Bamber <nicholas at periapt.co.uk>  Sun, 18 Sep 2011 15:04:58 +0100
+
 libcrypt-rc4-perl (2.02-1) unstable; urgency=low
 
   * Initial Release (Closes: #641887).
diff --git a/debian/control b/debian/control
index ca3e039..0797e5c 100644
--- a/debian/control
+++ b/debian/control
@@ -14,14 +14,12 @@ Package: libcrypt-rc4-perl
 Architecture: all
 Depends: ${misc:Depends}, ${perl:Depends}
 Description: Perl implementation of the RC4 encryption algorithm
- A simple implementation of the RC4 algorithm, developed by RSA Security, Inc.
- Here is the description from RSA's website:
+ Crypt::RC4 is intended to be a simple implementation of the RC4 algorithm,
+ which can be used to generate a pseudo-random stream of bits (or keystream).
  .
- RC4 is a stream cipher designed by Rivest for RSA Data Security (now RSA
- Security). It is a variable key-size stream cipher with byte-oriented
- operations. The algorithm is based on the use of a random permutation.
- Analysis shows that the period of the cipher is overwhelmingly likely to be
- greater than 10100. Eight to sixteen machine operations are required per
- output byte, and the cipher can be expected to run very quickly in software.
- Independent analysts have scrutinized the algorithm and it is considered
- secure.
+ It should be noted that the RC4 protocol itself is severely broken, and the
+ upstream Perl module has not been updated since Dec 2001. It is included in
+ Debian only because it is needed by other packages. In general this package
+ should not be used for new projects, and where it is used appropriate
+ defensive methods should be understood and applied.
+

-- 
Crypt::RC4 packaging



More information about the Pkg-perl-cvs-commits mailing list