Web lists-archives.com

Re: Reducing the attack surface caused by Berkeley DB...




Hi!

On Thu, 2018-01-25 at 23:59:06 +0100, Lionel Debroux wrote:
> Several days ago, jmm from the security team suggested that I start a
> discussion on debian-devel about Berkeley DB, which has known security
> issues, because doing so may enable finding a consensus on how to move
> away from it in Debian (which is hard). So here's a post :)

> ---
> Do you think we should start the journey of getting rid of libdb5.3 at a
> wide scale ? And if so, how to optimize resource usage in general ? :)
> ---

As with many things in Debian, this was already discussed some years
ago. :) The maintainers are supposedly even on board, see the thread
starting at:

  <https://lists.debian.org/debian-devel/2014/06/msg00328.html>

Thanks,
Guillem