On 22 November 2017 at 18:28, Cyril Brulebois <cy...@debamax.com> wrote: > Control: severity -1 serious > Control: tag -1 pending > > Hi Gabor, > > (I'm cc-ing the iptables maintainers so that they can correct me if I'm > wrong in my findings below; iproute2's maintainer Alexander; and Julian > who proposed an update to a new upstream release. Spoiler alert: I'm > proposing to fix the most obvious issues in a targetted way.) > >
Thanks! :-) > > There are probably reasons for including a copy of the header instead of > using the system one (probably because such things are common when it > comes to kernel-related headers), but deleting the header entirely would > work as well. > I don't see the point in caching an userspace library header. By doing that you are exposed to this kind of bugs. I guess it's OK to cache kernel headers, since these are supposed to not introduce breaking changes. Perhaps you could send a patch upstream to drop the embedded copy. best regards.
