Hi,
our net/ejabberd port use v2.1.12 released in 02/2013
https://github.com/processone/ejabberd/releases/tag/v2.1.12
I think we should remove it because it's an outdated network daemon
which, per github, received 4780 commits since our version.
I can not find any CVE that apply for version >= 2.1.12 though.
I'm not using it and there is no MAINTAINER, so I have no idea if
running this very old version is safe or not.
so I propose to remove it from ports, except/until someone wants
to take care of updating it?
No comments:
Post a Comment