Package: mixmaster Version: 3.0.0-8.1 Severity: important Dear Maintainer,
while I understand mixmaster no longer exists in unstable/testing,
there are issues in stable and oldstable that require attention:
* noreply.org is gone
The shipped value "SOURCE noreply" in /etc/mixmaster/update.conf causes
error messages from /etc/cron.daily/mixmaster since noreply.org no
longer exists and will not come back - and also was last updated in
September 2018.
Suggested solution: Change to an operational service, "austria" works
for me.
* Updates are in the plain
These updates are done in plaintext http, and no, they are no cryptographic
signatures that could provide integrity.
Suggested solution: Check for services that provide the data using
https as well, and update /etc/mixmaster/allpingers.txt accordingly.
Again, "austria" (i.e. www.tahina.priv.at) supports this.
Both issues should be fixed in the still supported versions, via a
point release in stretch, and by an upload to LTS for jessie. Since as
of now, the anonymity mixmaster should provide might no longer be
granted.
Christoph
-- System Information:
Debian Release: 9.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.13 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect
Versions of packages mixmaster depends on:
ii adduser 3.115
ii debconf [debconf-2.0] 1.5.61
ii libc6 2.24-11+deb9u3
ii libmailtools-perl 2.18-1
ii libncurses5 6.0+20161126-1+deb9u2
ii libpcre3 2:8.39-3
ii libssl1.0.2 1.0.2q-1~deb9u1
ii libtinfo5 6.0+20161126-1+deb9u2
ii libwww-perl 6.15-1
ii zlib1g 1:1.2.8.dfsg-5
Versions of packages mixmaster recommends:
pn postfix | mail-transport-agent <none>
Versions of packages mixmaster suggests:
ii mutt 1.7.2-1+deb9u1
signature.asc
Description: PGP signature
