Florian Hubold wrote:
> I've just whipped up
> https://wiki.mageia.org/en/Packages_carrying_bundled_copies_of_system_libraries
> It's purpose is listing and maybe documenting the reasons why
> some packages carry bundled copies of system libraries. I've begun
> with ffmpeg, as it has a rather bad record for security updates on
> Mageia 1 IMHO, as some security updates would almost have been
> missed, some were delayed for a long time, and some wouldn't
> have been noticed unless by accident.
> Please, every packager participate, and list the packages you know about.
> Another good example would be xulrunner.
> PS: Maybe it should also be used to documented the packages which
> require some static linking, and the reasons, if there are any of these.

Thanks Florian.

Another thing that would be helpful related to this would be to have an install 
of rq in the Mageia infrastructure:

It can be used to see when some code is affected by a security vulnerability if 
any other packages contain the same code.

Reply via email to