[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bug#820816: stop using gnulib

From: Antoine Beaupré
Subject: Bug#820816: stop using gnulib
Date: Tue, 12 Apr 2016 13:45:21 -0400

Source: libidn
Severity: normal

the use of gnulib in this package makes it significantly harder to
backport security patches around the different Debian suites. I have
spent a long time trying to figure out how to update the gnulib source
code in libidn for CVE-2015-2059, for example. it was pretty painful!

using an external library like libunistring would be much better. i
understand that gnulib is necessary to port to certain environments
for the GNU system, but this here is Debian, we can certainly do

this would also be in accordance with §4.13:

-- System Information:
Debian Release: 8.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 
'stable'), (1, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.2.0-0.bpo.1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]