On Thu, Jul 14, 2005 at 12:21:06PM +0200, Tollef Fog Heen wrote:
| /bin/sash seems to contain a statically linked copy of zlib (version
| 1.2.2). Please check, and if necessary, advise the security team if an
| update for the stable distribution is required.
It appears it will need an update for stable.
I'm going to make an upload for unstable with tightened build-deps
(sash doesn't have an embedded copy of zlib, just a statically linked
version). It would be nice if the security team could do the same for
stable. (And close the cloned bug in that upload.)
What's the security risk? How does sash use zlib?
Mike Stone
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
