Package: doxygen X-Debbugs-Cc: g...@nonempty.org Version: 1.9.8+ds-2 Severity: normal Tags: upstream
As documented upstream in issue 10354 [1], Doxygen will when MathJax is enabled generate documentation that makes requests to a third-party website when viewed. This is obviously problematic from a privacy point of view, as users expect offline documentation to be offline. For examples of this happening, see e.g. reports for Lintian's privacy-breach-generic tag [2]. Upstream's version 1.10.0 was released just a few days ago, and fixes the issue [3]. Alternatively, the behavior should be easy to patch out (I'm happy to provide a patch/MR). [1] https://github.com/doxygen/doxygen/issues/10354 [2] https://udd.debian.org/lintian-tag.cgi?tag=privacy-breach-generic [3] https://www.doxygen.nl/manual/changelog.html#log_1_10_0
signature.asc
Description: PGP signature