Note: This was due to a git handling error. While labelled 4.10.2, the tarball was a previous version. Not a security risk; i've bumped the epoch and uploaded the corrected 4.10.2. Thanks for spotting this.
Best regards Alastair On 15/02/2018 09:50, Adrien wrote: > Package: libsilo-dev > Version: 4.10.2-6+b3 > Severity: important > Tags: security > X-Debbugs-CC: [email protected] > > Hi, > > When trying to compile visit with Silo, I found that the source code > of Silo from Debian differs from the upstream one, taken here: > https://wci.llnl.gov/simulation/computer-codes/silo/releases > > In particuliar, src/silo/silo.c does not have the function > DBSetDataReadMask2, which is there upstream. This prevent visit to be > compiled with silo. > > I am using the same version (4.10.2) in both cases. > > If it's intentional, there should at least be a notice into the debian > package explaining why the source code is modified into README.source > for instance. > If it's not intentional, it may be a security problem, because who > knows what else is modified ? > > Kind regards, > > Adrien > > --- System information. --- > Architecture: > Kernel: Linux 4.9.0-5-amd64 > > Debian Release: 9.3 > 500 stable-updates ftp.univ-nantes.fr > 500 stable ftp.univ-nantes.fr > 100 stretch-backports ftp.fr.debian.org > > --- Package information. --- > Depends (Version) | Installed > ===============================-+-================ > libsiloh5-0 (= 4.10.2-6+b3) | 4.10.2-6+b3 > > Package's Recommends field is empty. > > Package's Suggests field is empty. -- Alastair McKinstry, <[email protected]>, <[email protected]>, https://diaspora.sceal.ie/u/amckinstry Commander Vimes didn’t like the phrase “The innocent have nothing to fear,” believing the innocent had everything to fear, mostly from the guilty but in the longer term even more from those who say things like “The innocent have nothing to fear.” - T. Pratchett, Snuff
