Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 07 Feb 2017 09:25:29 +0100
From:      Bernard Spil <brnrd@FreeBSD.org>
To:        Mathieu Arnold <mat@freebsd.org>
Cc:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   Re: svn commit: r433225 - head/security/pgp
Message-ID:  <b4939aed9b90d37751df0ecd4cd110c4@FreeBSD.org>
In-Reply-To: <06eb3453-c9a1-9854-789b-1335b51979b8@FreeBSD.org>
References:  <201702031406.v13E6xXd008998@repo.freebsd.org> <06eb3453-c9a1-9854-789b-1335b51979b8@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 2017-02-06 14:14, Mathieu Arnold wrote:
> Le 03/02/2017 à 15:06, Bernard Spil a écrit :
>> Author: brnrd
>> Date: Fri Feb  3 14:06:59 2017
>> New Revision: 433225
>> URL: https://svnweb.freebsd.org/changeset/ports/433225
>> 
>> Log:
>>   security/pgp: Mark deprecated
>> 
>>     - Security/privacy software last updated in 1996
>>       has no place in security
>> 
>> Modified:
>>   head/security/pgp/Makefile
>> 
>> Modified: head/security/pgp/Makefile
>> ==============================================================================
>> --- head/security/pgp/Makefile	Fri Feb  3 13:24:53 2017	(r433224)
>> +++ head/security/pgp/Makefile	Fri Feb  3 14:06:59 2017	(r433225)
>> @@ -13,6 +13,8 @@ COMMENT=	PGP International version - Pub
>> 
>>  ONLY_FOR_ARCHS=	i386 amd64 sparc64
>>  BROKEN_amd64=	unable to validate signatures
>> +DEPRECATED=	Software released in 1996 has no place in the security 
>> category. Use GnuPG in stead
> 
> That sounds like some kind of personal statement. Which I do not think
> has its place in the ports framework.
> Are there known bugs, or security flaws that have not been addressed?
> Because if not, I do not see any reason to remove it.
> 
>> +EXPIRATION_DATE=	2017-04-01

Hi Mathieu,

I've looked for vulnerabilities but this software is so old that it 
pre-dates the databases. People needing 'pgp' may end up finding this 
port and using it which should be prevented.

Agreed, this is more of a personal statement. I'm open for suggestions 
for better wording.

Cheers,

Bernard.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b4939aed9b90d37751df0ecd4cd110c4>