diff options
| author |   Unit 193 <unit193@ubuntu.com> | 2015-05-12 17:04:24 -0400 |
|---|---|---|
| committer | Unit 193 <unit193@ubuntu.com> | 2015-05-12 17:04:24 -0400 |
| commit | 67582c5c534bcc5b2b492949b00d44413110be73 (patch) | |
| tree | 99878cdc2677600c802e8c0f2e69f40dd38657cd /blacklist | |
Initial commitvivid
Diffstat (limited to 'blacklist')
| -rw-r--r-- | blacklist | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/blacklist b/blacklist new file mode 100644 index 0000000..50b0fa2 --- /dev/null +++ b/blacklist @@ -0,0 +1,72 @@ +# blacklist: gnome1 +# We want to avoid shipping GNOME 1.x components if possible +gconf +libxml +libcapplet +gnome-bin +gnome-libs + +# blacklist: misc +# Packages which are pulled in incidentally (typically by build-dependencies) +# and could be trivially replaced with something that we ship + +# java-common build-depends +#dpsyco +# various build-depends, pulls in lua, consider standarizing html->text +#elinks +# could be removed by getting rid of CHILL, which nothing uses +gcc-2.95 +# tcl8.3 and tcl8.4 is more than enough, consider dropping tcl8.3 too +tcl8.0 +# no one actually uses this anymore +#zephyr +# mdz, 2004-06-15: only pulled in by vim +ruby1.8 + +# blacklist: security +# +# Packages which are not supportable from a security standpoint +# + +## mdz: Packages noticed in 2004-06-14 review of germinate output +uw-imap +# We shall only ship current kernel-source +kernel-source-2.4.22 +kernel-source-2.4.23 +kernel-source-2.4.24 +kernel-source-2.4.25 +kernel-source-2.2.25 +# results in lots of unwanted setuid-ness; modern stuff uses X or fb +svgalib +# we ship server software with TLS built-in +stunnel + +# mdz, 2004-06-15 +apache + +## Packages which haven't shown up yet; make sure they don't sneak in + +# mdz, 2004-06-14: many, many bugs and unmaintained (both debian and upstream) +metamail +# mdz, 2004-06-14: lots of unsafe string handling, CVE-2002-0789, +# CAN-2003-0436, CAN-2003-0437 +mnogosearch +# mdz, 2004-06-14: requires no explanation +wu-ftpd +# mdz, 2004-06-14: CAN-2003-0781, unmaintained upstream, Debian#210444 +ecartis +# mdz, 2004-06-14: lots of DoS and other badness, CAN-2003-0946, CAN-2004-0270, +# debian#209084 +clamav +# mdz, 2004-06-14: upstream deliberately obfuscates vulnerabilities +# mdz, 2004-06-20: CAN-2002-0757, CAN-2003-0101, SNS 74, SNS 75 +webmin + +# we do not want LibreOffice at this time. +libreoffice-core +libreoffice-writer +libreoffice-common +libreoffice-hyphenation +libreoffice-base-core +libreoffice-l10n + |