Hi, On Fri, Oct 09, 2015 at 05:22:16PM +0200, Sandro Mani wrote: > Some time back licensecheck grew a dependency on Dpkg::IPC [1], which on > Fedora causes the "devscripts-minimal" package (which includes licensecheck) > to pull in dpkg. I'd like to propose the patch below to reduce the > dependency load: [...]
If this is changed, one needs to make sure that CVE-2015-5705 / #794365 isn't reintroduced (argument injection vulnerability). Regards, Salvatore
