https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/ This is related to Bug 29023 and Bug 29025 also discussed in the above.
No particular committer evident for this SRPM, so assigning this globally.
Assignee: bugsquad => pkg-bugs
Blocks: (none) => 30163
$ urpmq --whatrequires perl-Net-IPv4Addr perl-MondoRescue perl-Net-Packet $ urpmq --whatrequires perl-MondoRescue mindi $ urpmq --whatrequires perl-Net-Packet perl-Net-Packet-Target $ urpmq --whatrequires perl-Net-Packet-Target $ urpmq --whatrequires mindi mondo $ urpmq --whatrequires mondo So to remove perl-Net-IPv4Addr we should also drop perl-MondoRescue, perl-Net-Packet, perl-Net-Packet-Target, mindi and mondo.
CC: (none) => geiger.david68210
All added in tasks obsoletes
Resolution: (none) => FIXEDCC: (none) => mageiaStatus: NEW => RESOLVED
Well, as an upstream for MondoRescue, I'd have like to bein copy of this report :-(
CC: (none) => bruno
Seriously? I sent you a private email about this situation and you never did anything!
Hopefully there's another perl module that provides the needed functionality that it can be ported to (obviously one unaffected by the security issue), if you'd like to revive mondo.
We do need to be responsive to security issues, and don't need people to get upset about packages being dropped before a new Mageia version is branched. As has been explained many times in the past, packages can be re-added if it's appropriate.
Well, I did it upstream, but didn't provide it to mageia sorry. That should now being better in the other bug report https://bugs.mageia.org/show_bug.cgi?id=33912
And the issue is that mondo was left (mondo-3.2.2-5.mga9.x86_64.rpm), where mindi was dropped.