Hi, On Fri, Jan 31, 2020 at 10:59:05PM +0200, Adrian Bunk wrote: > Source: radare2 > Severity: grave > Tags: security > > It is understandable (and normal for most software) that upstream > is not able or willing to provide security support for the old > version shipped in stable distribution releases. > > But below seems to be upstream actively encouraging exploiting > the version in stable. > > AFAIK Debian in general tries to avoid shipping software when upstream > strongly objects to it, or is openly hostile towards Debian.
[...] FTR, this was as well raised back in [1]. AFAIK there was no direct feedback to the question from Moritz back then. [1] https://lists.debian.org/debian-security/2019/08/msg00033.html Regards, Salvatore