[Bug 432119] Re: Remove from archive.

[Dave Walker]

The last commiter (5 months ago) is one of the more active people in
debian-voip.  That person hasn't responded to the thread linked above
asking for it to be removed.

I am concerned that this vulnerability has been in the wild since
2008-03-24, and upstream hasn't yet responded with a resolution.

I would imagine it would be prudent to remove from the archive until a
suitable solution has been found.  I do not believe a suitable security
fix will be made any time soon from either Ubuntu or Debian developers.

Looking at the linked bug report that I made, there should be no doubt -
it is a *VERY* serious security vulnerability.

Additionally, the package is not compatible with the Asterisk currently
in the Karmic archives, and i'm not every sure it is compatible with any
version other than the one in Dapper.

If the above points are resolved, then surely it could be re-introduced?

-- 
Remove from archive.
https://bugs.launchpad.net/bugs/432119
You received this bug notification because you are a member of Ubuntu
Package Archive Administrators, which is a direct subscriber.