1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1053512: encfs: Will EncFS be removed from Debian? / How unsecure i

    From Eduard Bloch@21:1/5 to c.buhtz@posteo.jp on Thu Dec 26 16:40:01 2024
    On Thu, 05 Oct 2023 12:37:46 +0000 Christian Buhtz <c.buhtz@posteo.jp> wrote:

    There is a bug ticket at upstream summarizing some of the information

    https://github.com/vgough/encfs/issues/314

    As member of upstream maintenance team for "Back In Time" (https://github.com/bit-team/backintime) currently depending on EncFS, I try to
    find out how to deal with the problem. I also try to find out how big the problem really is.

    Debian seems to keep EncFS. That indicates to me that the problem can not be so
    big.
    As upstream maintainer of Back In Time I'm unsure how to evaluate the situation. We do think about to remove EncFS because of the security issues.

    Just because of my lazyness [TM] and because it has not shown critical integration issues yet. Upstream has declared it EOL some months ago,
    and I will probably move the package to oldlibs and change the old
    description into a warning. For details and alternatives, see:

    https://github.com/vgough/encfs?tab=readme-ov-file#status

    Best regards,
    Eduard.

    --
    <pasc> man
    <pasc> the AMD64 camp is not helped by the list of people supporting it
    <pasc> when nerode is on your side, you know you're doing something wrong

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)