Hi Ove, * Ove Kaaven <[EMAIL PROTECTED]> [2008-02-17 13:41]: > Guillem Jover skrev: > >This packages includes an embedded (partial) copy of giflib sources, > >this might be a problem for security updates or normal enhancements > >to the library.
Added this to our list[0] of embedded code copies. > You're saying "might be a problem". But *is* there a problem that you're > filing > a bug for, and if so, what would I do about it? That is a problem no matter if there is already an issue in the code because if a security issue is published for giflib the security team can't know that this needs to be fixed in wine as well and it does not make sense to fix this at multiple places when a shared library exists. To fix this please build against libgif-dev rather than the included copy. > Besides, nobody ever claimed > Wine was safe and secure software... Wine contains tons and tons of code, > both > borrowed from other projects and written from scratch, and most of it has > never > been audited for security and probably never will. Bad enough. [0] http://svn.debian.org/wsvn/secure-testing/data/embedded-code-copies?op=file&rev=0&sc=0 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpqtZv3CYijJ.pgp
Description: PGP signature
