On Wed, Jul 13, 2005 at 01:53:32PM +0200, Florian Weimer wrote:
On most architectures, /usr/lib/libphysfs-1.0.so.0.0.0 includes a
statically linked copy of a vulnerable zlib version (1.2.1). This is
probably caused by a missing build dependency on zlib1g-dev.
Please investigate and advise the security team if an update for the
stable distribution is needed.
Yes seems all architectures includes that except i386 and m68k.
I'll build new package for sid as soon as possible, but I don't have sarge
box here so would be great if security team could build it for sarge
themselves.
Thus I'm CCing them.
Thanks Florian for spotting it.
regards
fEnIo
--
,''`. Bartosz Fenski | mailto:[EMAIL PROTECTED] | pgp:0x13fefc40 | irc:fEnIo
: :' : 32-050 Skawina - Glowackiego 3/15 - w. malopolskie - Poland
`. `' phone:+48602383548 | proud Debian maintainer and user
`- http://skawina.eu.org | jid:[EMAIL PROTECTED] | rlu:172001
signature.asc
Description: Digital signature