# In this file we keep the debtags for packages in "main" # where special conditions apply [wheezy] sql-ledger (Only supported behind an authenticated HTTP zone) [squeeze] sql-ledger (Only supported behind an authenticated HTTP zone) [wheezy] php5 (See README.Debian.security for the PHP security policy) [squeeze] php5 (See README.Debian.security for the PHP security policy) [wheezy] adns (Stub resolver that should only be used with trusted recursors) [squeeze] adns (Stub resolver that should only be used with trusted recursors) [wheezy] ltp (Testsuite, only supported on non-production non-multiuser systems) [squeeze] ltp (Testsuite, only supported on non-production non-multiuser systems) [sid] kompozer (vulnerable to all xulrunner issues, but intended use is not for untrusted or networked sources) [squeeze] kompozer (vulnerable to all xulrunner issues, but intended use is not for untrusted or networked sources) [wheezy] kompozer (vulnerable to all xulrunner issues, but intended use is not for untrusted or networked sources) [wheezy] ocsinventory-server (Only supported behind an authenticated HTTP zone) [squeeze] ocsinventory-server (Only supported behind an authenticated HTTP zone) [wheezy] wireshark (Not suitable for network monitoring / intrusion detection, DoS issues fixed with low priority through point updates) [squeeze] wireshark (Not suitable for network monitoring / intrusion detection, DoS issues fixed with low priority through point updates) [wheezy] acidbase (Only supported behind an authenticated HTTP zone for trusted users) [squeeze] acidbase (Only supported behind an authenticated HTTP zone for trusted users) [wheezy] glpi (Only supported behind an authenticated HTTP zone for trusted users) [squeeze] glpi (Only supported behind an authenticated HTTP zone for trusted users) [wheezy] memcached (Attacks that require an attacker to be able to access the memcached port/sock are not supported, it's running as nobody and in a typical setup attackers don't have access to this) [squeeze] memcached (Attacks that require an attacker to be able to access the memcached port/sock are not supported, it's running as nobody and in a typical setup attackers don't have access to this) [wheezy] webkit (not properly supported upstream, only for use on trusted content) [squeeze] libkhtml5 (not properly supported upstream, only for use on trusted content) [wheezy] libkhtml5 (not properly supported upstream, only for use on trusted content) [wheezy] libqtwebkit4 (not properly supported upstream, only for use on trusted content) [wheezy] ganglia (See README.Debian.security, only supported behind an authenticated HTTP zone, #702775) [wheezy] ganglia-web (See README.Debian.security, only supported behind an authenticated HTTP zone, #702776)