On Sun, 6 Dec 2009 21:19:50 -0800 Steve Langasek wrote: > On Mon, Dec 07, 2009 at 12:04:18AM -0500, Michael Gilbert wrote: > > Package: unixodbc > > Severity: grave > > Tags: security > > > The following CVE (Common Vulnerabilities & Exposures) id was > > published for libtool. I have determined that this package embeds a > > vulnerable copy of the libtool source code. However, since this is a > > mass bug filing (due to so many packages embedding libtool), I have not > > had time to determine whether the vulnerable code is actually present > > in any of the binary packages. Please determine whether this is the > > case. If the binary packages are not affected, please feel free to close > > the bug with a message containing the details of what you did to check. > > Package: unixodbc > Depends: [...] libltdl7 (>= 2.2.6a) [...]
please make sure you are using --without-included-ltdl. thanks. mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
