* Michael Stone
| On Thu, Jul 14, 2005 at 12:21:06PM +0200, Tollef Fog Heen wrote:
| >| /bin/sash seems to contain a statically linked copy of zlib (version
| >| 1.2.2). Please check, and if necessary, advise the security team if an
| >| update for the stable distribution is required.
| >
| > It appears it will need an update for stable.
| >
| >I'm going to make an upload for unstable with tightened build-deps
| >(sash doesn't have an embedded copy of zlib, just a statically linked
| >version). It would be nice if the security team could do the same for
| >stable. (And close the cloned bug in that upload.)
|
| What's the security risk? How does sash use zlib?
It has a built-in gzip/gunzip command.
--
Tollef Fog Heen ,''`.
UNIX is user friendly, it's just picky about who its friends are : :' :
`. `'
`-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
