-
-
Notifications
You must be signed in to change notification settings - Fork 7
/
blacklist
136 lines (127 loc) · 2.93 KB
/
blacklist
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
# blacklist: gnome1
# We want to avoid shipping GNOME 1.x components if possible
gconf
libxml
libcapplet
gnome-bin
gnome-libs
# blacklist: misc
# Packages which are pulled in incidentally (typically by build-dependencies)
# and could be trivially replaced with something that we ship
# java-common build-depends
#dpsyco
# various build-depends, pulls in lua, consider standarizing html->text
#elinks
# no one actually uses this anymore
#zephyr
# blacklist: security
#
# Packages which are not supportable from a security standpoint
#
## mdz: Packages noticed in 2004-06-14 review of germinate output
uw-imap
# We shall only ship current kernel-source
kernel-source-2.4.22
kernel-source-2.4.23
kernel-source-2.4.24
kernel-source-2.4.25
kernel-source-2.2.25
# results in lots of unwanted setuid-ness; modern stuff uses X or fb
svgalib
# we ship server software with TLS built-in
stunnel
# mdz, 2004-06-15
apache
## Packages which haven't shown up yet; make sure they don't sneak in
# mdz, 2004-06-14: many, many bugs and unmaintained (both debian and upstream)
metamail
# mdz, 2004-06-14: lots of unsafe string handling, CVE-2002-0789,
# CAN-2003-0436, CAN-2003-0437
mnogosearch
# mdz, 2004-06-14: requires no explanation
wu-ftpd
# mdz, 2004-06-14: CAN-2003-0781, unmaintained upstream, Debian#210444
ecartis
# mdz, 2004-06-14: lots of DoS and other badness, CAN-2003-0946, CAN-2004-0270,
# debian#209084
clamav
# mdz, 2004-06-14: upstream deliberately obfuscates vulnerabilities
# mdz, 2004-06-20: CAN-2002-0757, CAN-2003-0101, SNS 74, SNS 75
webmin
### elementary ###
apport
apport-gtk
apport-hooks-elementary
apport-symptoms
apt-transport-https
banshee
branding-ubuntu
budgie-desktop
compiz
# creates ~/example.desktop
example-content
fcitx-frontend-gtk3
firefox
# fonts superseded by fonts-noto or fonts-croscore
fonts-freefont-ttf
fonts-indic
fonts-khmeros-core
fonts-lao
fonts-liberation
fonts-lklug-sinhala
fonts-thai-tlwg
fonts-tibetan-machine
gdm3
gnome-control-center
gnome-remote-desktop
gnome-screensaver
# we only want gnome-session-bin not configs
gnome-session
gnome-software
gnome-system-monitor
gnome-user-guide
humanity-icon-theme
libaccount-plugin-1.0-0
libsignon-extension1
libsignon-plugins-common1
libsignon-qt5-1
light-locker-settings
# mate window manager
marco
mcp-account-manager-uoa
metacity
nautilus
overlay-scrollbar
plymouth-theme-ubuntu-logo
plymouth-theme-ubuntu-text
signon-plugin-password
signon-ui
signond
snapd
system-config-printer
totem-mozilla
ubiquity-slideshow-ubuntu
ubuntu-artwork
ubuntu-desktop
ubuntu-release-upgrader-core
ubuntu-release-upgrader-gtk
ubuntu-session
ubuntu-system-settings
ubuntu-touch-sounds
ubuntu-wallpapers
ubuntu-wallpapers-focal
# unar pulls in gnustep-base resulting in gdomap running, lp:1357051
unar
unity
unity-2d
unity-control-center
unity-greeter
update-manager
update-manager-core
update-notifier
# ubuntu web browser
webbrowser-app
# synaptics broke Dan's input
xserver-xorg-input-synaptics
yelp
#elementary-os-prerelease