Add paragraph about end-of-life packages

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@22537 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Salvatore Bonaccorso <carnil@debian.org> 2013-06-08 07:12:14 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2013-06-08 07:12:14 +0000
commit: 2e058c1605387456f2f287ccf6520c66613bd6f0 (patch)
tree: 0cdfe89ae0a25c8e3bad97a6e7e1d0c877fde54d /doc/narrative_introduction
parent: c7e36100155c5ab24828a885a2d522229e84a691 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/doc/narrative_introduction b/doc/narrative_introduction
index de7f188b64..4731725856 100644
--- a/doc/narrative_introduction
+++ b/doc/narrative_introduction
@@ -361,6 +361,22 @@ high       : A typical, exploitable security problem, which you'll really
 Certain packages may get higher or lower rating than usual, based on
 their importance.
 
+end-of-life packages
+--------------------
+
+In some rare cases (i.e. webprowsers) security support for some packages
+needed to be stopped before the end of the regular security maintenance
+life cycle.
+
+Packages which are not anymore supported by the security team in a
+(old-stable release are marked with the end-of-life tag:
+
+CVE-2011-3973 (cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 ...)
+	{DSA-2336-1}
+	- libav 4:0.7.1-7 (bug #641478)
+	- ffmpeg <removed>
+	- ffmpeg-debian <end-of-life>
+
 
 NOTE and TODO entries
 ---------------------
author	Salvatore Bonaccorso <carnil@debian.org>	2013-06-08 07:12:14 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2013-06-08 07:12:14 +0000
commit	2e058c1605387456f2f287ccf6520c66613bd6f0 (patch)
tree	0cdfe89ae0a25c8e3bad97a6e7e1d0c877fde54d /doc/narrative_introduction
parent	c7e36100155c5ab24828a885a2d522229e84a691 (diff)