[Mageia-dev] [RFE] Bundled copies of system libraries - call for participation
luigiwalser at yahoo.com
Tue Feb 7 17:19:31 CET 2012
Florian Hubold wrote:
> I've just whipped up
> It's purpose is listing and maybe documenting the reasons why
> some packages carry bundled copies of system libraries. I've begun
> with ffmpeg, as it has a rather bad record for security updates on
> Mageia 1 IMHO, as some security updates would almost have been
> missed, some were delayed for a long time, and some wouldn't
> have been noticed unless by accident.
> Please, every packager participate, and list the packages you know about.
> Another good example would be xulrunner.
> PS: Maybe it should also be used to documented the packages which
> require some static linking, and the reasons, if there are any of these.
Another thing that would be helpful related to this would be to have an install of rq in the Mageia infrastructure:
It can be used to see when some code is affected by a security vulnerability if any other packages contain the same code.
More information about the Mageia-dev