This one time, at band camp, Florian Weimer said: > * Stephen Gran: > > > So, it looks like this is the patch that fixes the infinite loop. > > Comments, etc, appreciated. Security folks, does this look to you like > > it does the job, and can I upload it for sarge? > > This is basically a reimplementation of mpz_setbit and friends. If > GMP is a mandatory build dependency of ClamAV, these functions should > probably be used instead.
It is a build dep in Debian, because otherwise you get loud complaints in your log files about being unable to verify the signatures on the database updates. The normal upstream source builds and runs without it, but is happier with it. I think that probably the right thing is to make it a requirement upstream, so I will speak to them about it. Thanks, -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
signature.asc
Description: Digital signature
