On Thu, 19 Mar 2020 05:53:24 +0100, Salvatore Bonaccorso wrote: > CVE-2020-10674[0]: > | PerlSpeak through 2.01 allows attackers to execute arbitrary OS > | commands, as demonstrated by use of system and 2-argument open. > > Gregor, the module seem to be basically unmaintained, I would propose > to actually remove the package from unstable and likely given there > are no reverse dependencies as well from any other suite. What do you > think?
I agree. No upstream releases for ages, no rdeps, hardly any users according to popcon, and a problematic design. Feel free to remove it from anywhere you find it :) Cheers, gregor -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe `-
signature.asc
Description: Digital Signature
