Web lists-archives.com

Re: Reducing the attack surface caused by Berkeley DB...


On Thu, 2018-01-25 at 23:59:06 +0100, Lionel Debroux wrote:
> Several days ago, jmm from the security team suggested that I start a
> discussion on debian-devel about Berkeley DB, which has known security
> issues, because doing so may enable finding a consensus on how to move
> away from it in Debian (which is hard). So here's a post :)

> ---
> Do you think we should start the journey of getting rid of libdb5.3 at a
> wide scale ? And if so, how to optimize resource usage in general ? :)
> ---

As with many things in Debian, this was already discussed some years
ago. :) The maintainers are supposedly even on board, see the thread
starting at: