Package: ampache-common Version: 3.6-git408e713+dfsg-3.1 Severity: normal ampache-common appears to ship an embedded copy of php-getid3[1]. The policy section 4.13 discourages such copies and they put additional work on the security team in case there is an update of php-getid3. Also the space savings achievable[2] by not embedding php-getid3 appear impressive 1.5MB or 20% of ampache-common. Can you investigate whether this copy can be replaced with the packaged version? If this is not the case, please get your copy registered[3] with the security tracker.
Helmut [1] http://dedup.debian.net/compare/ampache-common/php-getid3 [2] http://dedup.debian.net/binary/ampache-common [3] http://wiki.debian.org/EmbeddedCodeCopies -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
