Control: retitle -1 RM: denyhosts -- RoST; upstream dead; unmaintained; dysfunctional in sid Control: severity -1 normal Control: reassign -1 ftp.debian.org
On Fri, Dec 20, 2013 at 04:10:21PM +0100, Helmut Grohne wrote: > We, the Debian security team, believe that denyhosts should not be > released with Debian jessie and further releases for the following > reasons: > > * There are unaddressed security issues (e.g. #692229). > * The tool is dead upstream (last release 2008). > * There is a viable alternative, fail2ban, that provides the same or > increased feature set. > > For these reasons we deem denyhosts unsupportable during the jessie > release cycle. It appears that at least none of the maintainers disagree with this reasoning. In other words, I didn't get a single reply since disclosing the issue. In the mean time I noticed that the security uploads introduced a(nother) regression #734329. While it appears to be fixable for squeeze and wheezy, it is more involved for jessie and sid. Thus I am accelerating the removal process in order to go with the simple fix for said regression. Helmut -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
