Control: tags -1 + upstream On Tue, Apr 16, 2024 at 02:05:17PM -0700, Noah Meyerhans wrote: > > in light of the recent xz security breach, I'd like to ask if it > > would be possible to rework systemd readiness notification and socket > > activation patches to not link against libsystemd as just achieved for > > the openssh-server package in version 1:9.7p1-4 ? > > This would avoid /usr/bin/dovecot being linked also to three compression > > libraries (liblz4, liblzma, libzstd) and to libgpg-error. > > Yes, I believe this is reasonable. I believe the systemd upstream > maintainers have just released an updated MIT-0 licensed example of the > socket activation patches that avoids requiring libsystemd0. I'll see > about adapting this patch to dovecot.
The openssh package's change is at https://salsa.debian.org/ssh-team/openssh/-/commit/cc5f37cb8405cba624a133f4b8f464fbe381c5c8 As Dovecot natively supports systemd, rather than adding support for it via a downstream modification as openssh does, it'd be best for this change to be handled upstream. noah
