Package: jetty
Severity: serious
When browsing through open security issues in Lenny I noticed that several
Jetty security fixes have been unfixed for quite some time (#454529),
although upstream has posted a patch in July.
Since it's only in contrib, outdated (current upstream releases are 6 and
7), fairly unmaintained (last upload a year ago, unfixed security issue) and
with hardly any users (only three in popcon) we should probably remove
it from Lenny.
(It should be noted that due to Jetty being in contrib it's not
covered by security support, so it doesn't impose additional
security maintenance overhead if left in Lenny).
Cheers,
Moritz
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
_______________________________________________
pkg-java-maintainers mailing list
pkg-java-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers
