On Wed, Jul 13, 2005 at 01:53:32PM +0200, Florian Weimer wrote: > On most architectures, /usr/lib/libphysfs-1.0.so.0.0.0 includes a > statically linked copy of a vulnerable zlib version (1.2.1). This is > probably caused by a missing build dependency on zlib1g-dev. > > Please investigate and advise the security team if an update for the > stable distribution is needed.
Yes seems all architectures includes that except i386 and m68k. I'll build new package for sid as soon as possible, but I don't have sarge box here so would be great if security team could build it for sarge themselves. Thus I'm CCing them. Thanks Florian for spotting it. regards fEnIo -- ,''`. Bartosz Fenski | mailto:[EMAIL PROTECTED] | pgp:0x13fefc40 | irc:fEnIo : :' : 32-050 Skawina - Glowackiego 3/15 - w. malopolskie - Poland `. `' phone:+48602383548 | proud Debian maintainer and user `- http://skawina.eu.org | jid:[EMAIL PROTECTED] | rlu:172001
signature.asc
Description: Digital signature