* Moritz Muehlenhoff: >> I confirm that lesstif contains the convenience copy of libxpm. For next >> work round on lesstif I will try to remove the use of the embedded copy >> (it is a "should" in the policy [1] after all), although it seems that >> there are quite some local changes. I will have to figure out how >> important they are. > > It's not very important, there haven't been any libxpm security issues so > far.
That's because the split into a separate libxpm is recent. See CVE-2004-0687 and CVE-2004-0688 for examples. It's the same code, it goes back to the dawn of time. I guess we've been patching this code since the late 90s. 8-) -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
