Bug#928518: RM: electrum -- RoQA; Actively exploited for phishing

To: submit@bugs.debian.org
Subject: Bug#928518: RM: electrum -- RoQA; Actively exploited for phishing
From: Sam Hartman <hartmans@debian.org>
Date: Mon, 06 May 2019 12:00:22 -0400
Message-id: <[🔎] tslo94fwp2h.fsf@suchdamage.org>
Reply-to: Sam Hartman <hartmans@debian.org>, 928518@bugs.debian.org

Package: ftp.debian.org
Severity: normal

Hi.  As discussed in
https://cointelegraph.com/news/phishing-attack-on-electrum-wallet-nets-hacker-almost-1-million-in-hours-report
the version of electrum in sid is vulnerable to mallware and has been
disabled by the electrum servers.  So basically the version in sid is
only useful for getting your bitcoin phished.  At least until this
version is updated it should be removed.  See #921688 for details.

I understand that removing electrum means that it will need to take a
trip through new once fixed.
I think in this instance given that we haven't fixed such a critical issue in months, it is justified.

Attachment: signature.asc
Description: PGP signature

Reply to:

Prev by Date: Bug#928384: marked as done (hi the VCS gitweb at https://tracker.debian.org/pkg/chromium-browser donot work)
Next by Date: Bug#928544: debsources: wheezy gone missing
Previous by thread: Bug#928384: marked as done (hi the VCS gitweb at https://tracker.debian.org/pkg/chromium-browser donot work)
Next by thread: Bug#928544: debsources: wheezy gone missing
Index(es):
- Date
- Thread