doko asked me to give these a quick look. There are no open CVEs in any of them and only libcrypt-cbc-perl has a CVE history: CVE-2006-0898 (fixed via debian sync prior to dapper release). I reviewed the changes for the fix and they were easy to understand. As for the libcrypt-* packages listed here, they all have testsuites and look to be supportable. Nothing here needs further security review.
** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2006-0898 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1493037 Title: lib*-perl dependencies of dh-golang and libtype-tiny-perl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1493037/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs