gallery2 outstanding security bugs -- Abondoned by Berninger?
Jon Ciesla
limb at jcomserv.net
Mon Jan 5 18:40:45 UTC 2009
> On Thu, Dec 18, 2008 at 01:21:16PM -0600, Jon Ciesla wrote:
>> access to the project there? I have a SF account currently.
>>
>> As far as bringing libjpeg current, I'm not sure the task would be as
>> herculean as it sounds, activities at fd.o hotwithstanding, not sure
>> what
>> that's about.
>>
>> State of things as I see them:
>>
>> 1 libjpeg bug in RH/Fedora land.
>>
>> 1 libjpeg bug in Debian. CCing debian libjpeg62 maintainer.
>
> Which bug you are pointing to ?
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446821
>> None in Gentoo. Not sure where OpenSUSE bugs live. Not sure what other
>> distros to loop into this.
>>
>> What it looks like needs to be done is an examination of the patches
>> used
>> in the above distros, and a discussion over these among the distro
>> maintainers and $_libjpeg_upstream_designee, leading to integration of
>> those most commonly used in the distros.
>>
>> Does this sound sane?
>
> The most important thing is that everybody standardize on the same
> API and ABI for the successor of libjpeg6b. This means not only the same
> source tarball, but also the same set of optionnal features activated
> for /usr/lib/libjpeg.so in all distros.
>
> Cheers,
> --
> Bill. <ballombe at debian.org>
>
> Imagine a large red swirl here.
>
--
in your fear, speak only peace
in your fear, seek only love
-d. bowie
More information about the fedora-devel-list
mailing list