Bug#1039116: ardour: Please repack without third party library

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1039116: ardour: Please repack without third party library
From: Bastien Roucariès <rouca@debian.org>
Date: Sun, 25 Jun 2023 21:36:13 +0000
Message-id: <[🔎] 168772897378.3337950.3768034592352423565.reportbug@portable-bastien.local.roucaries.eu>
Reply-to: Bastien Roucariès <rouca@debian.org>, 1039116@bugs.debian.org

Source: ardour
Version: Please repack without third party library
Severity: important

Dear Maintainer,

I was checking if your are affected by a lua security bug. It will be nice if
you could strip (repack with +ds suffix) third party library.

It is a good pratice to not ship third party library when you use system
library:
- in case of security bug it is less work (no need to check build log)
- do not introduce accidental compilation of third party library in case of
upstream modification.

Rouca


-- System Information:
Debian Release: trixie/sid
  APT prefers testing-debug
  APT policy: (900, 'testing-debug'), (900, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armel

Kernel: Linux 6.1.0-9-rt-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Reply to:

Prev by Date: Re: Update Embree to 4.x version
Next by Date: Bug#1039225: icecast2: ships sysv-init script without systemd unit
Previous by thread: libwebm_1.0.0.30-4_source.changes ACCEPTED into unstable
Next by thread: Bug#1039225: icecast2: ships sysv-init script without systemd unit
Index(es):
- Date
- Thread