Re: Reducing the attack surface caused by Berkeley DB...
- Date: Sat, 27 Jan 2018 01:42:57 +0100
- From: Guillem Jover <guillem@xxxxxxxxxx>
- Subject: Re: Reducing the attack surface caused by Berkeley DB...
On Thu, 2018-01-25 at 23:59:06 +0100, Lionel Debroux wrote:
> Several days ago, jmm from the security team suggested that I start a
> discussion on debian-devel about Berkeley DB, which has known security
> issues, because doing so may enable finding a consensus on how to move
> away from it in Debian (which is hard). So here's a post :)
> Do you think we should start the journey of getting rid of libdb5.3 at a
> wide scale ? And if so, how to optimize resource usage in general ? :)
As with many things in Debian, this was already discussed some years
ago. :) The maintainers are supposedly even on board, see the thread