Hello development folks,
while waiting for ${things} to finish here, I went through the Pakfire add-on list and came across some packages which - as far as I know - ...
(a) ... are not regularly maintained by a member of the IPFire development team (b) ... do not seem to be frequently installed by our users (c) ... should not run on a firewall for security purposes, anyway
Among these are:
- Asterisk (13.18.5, upstream is currently on 18.0.0) - Icinga (1.11.4, upstream is currently on ~ 1.14.2 and 2.x.y, which comes with a bunch of dependencies such as a database, while Icinga 1.x was more or less a standalone system) - libsrtp (1.5.4, upstream is currently on 2.3.0) - OpenLDAP (2.4.49, upstream is currently on 2.4.55) - SANE (1.0.28, upstream is currently on 1.0.31, this should not be too hard, but I am not aware of IPFire users needing this) - SquidClamAV (since the overwhelming majority of web traffic is encrypted by now, I guess it makes little sense to ship this add-on anymore. Upstream seems to be unmaintained - most people are doing this via ICAP those days -, and this also arises the question why we need ClamAV anymore) - sslh (1.7a, upstream is currently on 1.21c) - transmission (2.94, upstream is currently on 3.00, but I do not observe a broader user group for this)
Are we able to drop those add-ons entirely? If yes, I will submit patches to do so. :-)
Thanks, and best regards, Peter Müller