Web lists-archives.com

Bug#891633: aolserver4: Should this package be removed?

Package: aolserver
Version: 4.5.1-18.1
Severity: serious
Justification: network-facing service, appears unmaintained upstream
User: debian-qa@xxxxxxxxxxxxxxxx
Usertags: proposed-removal

Turning this into a proposed-removal bug.

On Tue, 27 Feb 2018 at 14:57:59 +0100, Sebastian Andrzej Siewior wrote:
> I stumbled upon aolserver4 because aolserver4-nsopenssl is bot building
> against openssl 1.1 and the former is the only user.
> The first upload of aolserver4 4.5.1 was in 2009. I assume that this was
> the last release of the server by upstream. The homepage referenced in
> the package provides a (port 80 only) redirect to aol.com which does not
> mention the server (or I can't find it). The aol.com domain seems to be
> served by Apache Traffic Server. I get the feeling that AOL is no longer
> looking after its server from the old days.
> The popcon for the package is low.
> So my question: Can we remove aolserver4 from the archive?

debian/copyright points to http://aolserver.sf.net/ where the latest news
item is about it being copied to github in 2010.
https://github.com/aolserver/aolserver got its latest commit in 2009.

This looks fairly dead to me, and unless its maintainer knows better, I
don't think there is going to be any upstream security support.

It has also not been uploaded since an NMU that went into stretch, so
if it's removed from unstable, it will be trivial for prospective users
or maintainers to retrieve it from stretch.

If you want to keep this package around in Debian, please close this bug.
If not, please send the following commands to control@xxxxxxxxxxxxxxx,
replacing nnnnnn with this bug's number:

severity nnnnnn normal
reassign nnnnnn ftp.debian.org
retitle nnnnnn RM: aolserver4 -- RoQA; unmaintained upstream, alternatives exist, low popcon

(or replace RoQA with RoM if you are the maintainer)

For more information, see