[Bug 2041751] Re: RM: Remove dangerously insecure MPPE PPTP from Ubuntu
Steve Langasek
2041751 at bugs.launchpad.net
Fri Jan 5 03:39:07 UTC 2024
I actually agree that we should aim to remove these packages entirely,
rather than merely demoting them.
I think removal of the server is a clear-cut case. Nobody should need
to run a pptp server nowadays on Ubuntu, and if anyone is, forcing them
to migrate to a better VPN solution on upgrade (or maintaining their own
pptpd without Ubuntu support) is IMHO reasonable.
Removing the client, I think, is less clear-cut. If you don't have a
pptp server to talk to, then shipping the client is harmless. If you DO
have a pptp server to talk to, then the client is essential. Anyone
running a PPTP server on Windows these days should upgrade... but
dropping the client support from Ubuntu doesn't give the Ubuntu users
any more leverage to make their server admin upgrade, it just makes
Ubuntu unusable in such an environment.
So I think we should remove pptpd from the archive for noble, but that
we should propose removal of the clients via discussion with the Debian
maintainers.
** Changed in: pptpd (Ubuntu)
Status: Incomplete => New
--
You received this bug notification because you are a member of Ubuntu
Package Archive Administrators, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2041751
Title:
RM: Remove dangerously insecure MPPE PPTP from Ubuntu
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2041751/+subscriptions
More information about the ubuntu-archive
mailing list