Hello Asheesh, others.
* Asheesh Laroia [Thu, 06 Mar 2008 19:47:24 -0800]:
>> Supporting new drivers means patching the uw-imap source included with
>> alpine. I believe it makes good sense to instead patch alpine the use
>> the shared (Debian-patched not-approved-by-Mark Crispin) libc-client
>> package and if Alpine invents additional patches for the uw-imap source
>> in addition to the current Maildir patch then consider applying them to
>> that shared library instead, for the benefit of php and others using
>> it, in addition to Alpine.
>> If we find that some patches (possibly including the current Maildir
>> patch) may not be stable enough to force all Debian users of uw-imap
>> and other C-lient-based software, then we could maybe extend the build
>> routines of uw-imap to package several flavors of th c-client library
>> with different patches applied.
> This seems like more trouble than it's worth. I hardly see the benefit
> at all, actually.
> But tell me if I'm missing something.
It is very important to make an effort that the same code is not
compiled from different source packages. That is, if package X ships a
copy of library L, which is packaged separately in Debian as well, and
the configure script of X wants to compile that private copy of the
library and link statically against it, then Debian prefers that the
configure script of X be modified so that X links against the packaged
version of L.
This is so becuase code duplication increases the amount of work the
security team has to perform if a security hole is discovered in L; and
exposes users to unknown vulnerabilities if the code duplication between
X and L is not known by the security team.
For more details, you can check with the security team. Because all of
this, I would suggest that you check the viability of linking alpine
against the packaged version of libc-client.
If, after checking, you think it's not feasible, I suggest you contact
the security team to see how to proceed.
Thanks in advance,
--
Adeodato Simó dato at net.com.org.es
Debian Developer adeodato at debian.org
- Oh my God, you're pimping me out for a new roof?
- And windows!
-- Andrew and Bree Van De Kamp
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
