On Mon, May 06, 2019 at 12:00:22PM -0400, Sam Hartman wrote: > Package: ftp.debian.org > Severity: normal > > Hi. As discussed in > https://cointelegraph.com/news/phishing-attack-on-electrum-wallet-nets-hacker-almost-1-million-in-hours-report > the version of electrum in sid is vulnerable to mallware and has been > disabled by the electrum servers. So basically the version in sid is > only useful for getting your bitcoin phished. At least until this > version is updated it should be removed. See #921688 for details. > > I understand that removing electrum means that it will need to take a > trip through new once fixed. > I think in this instance given that we haven't fixed such a critical issue in > months, it is justified. Note that it doesn't help with already installed packages.
-- WBR, wRAR
signature.asc
Description: PGP signature