[Secure-testing-team] RM: webkit/1.0.1-4+lenny2
Michael Gilbert
michael.s.gilbert at gmail.com
Fri Aug 27 04:01:37 UTC 2010
Package: release.debian.org
User: release.debian.org at packages.debian.org
Usertags: rm
Severity: normal
Hi,
The lenny webkit package has an insurmountable number of security
vulnerabilities [0]. The version included there was of an experimental
nature, and the only front end available is the builtin GtkLauncher
app, which isn't very functional itself and is likely used by no one.
There are no reverse dependencies.
Please remove the package for the upcoming lenny point release. I've
brought this up with the security team and webkit maintainers [1],[2],
and there has so far been no objection. However, I also didn't get
any responses either way. You may want to try to touch base with
either/both teams directly.
I think removal is the only supportable course of action.
Thanks,
Mike
[0] http://security-tracker.debian.org/tracker/source-package/webkit
[1] http://lists.alioth.debian.org/pipermail/pkg-webkit-maintainers/2010-August/001541.html
[2] http://lists.alioth.debian.org/pipermail/secure-testing-team/2010-August/004281.html
More information about the Secure-testing-team
mailing list