Package: libsdl-mixer1.2 Version: 1.2.6-2 Severity: Important SDL-mixer has an internal copy of the mikmod library, which it uses to load mod files and such. It would be preferable if SDL-mixer did not include a separate version of libmikmod, but rather used the one that is already in the debian archive. This would have several advantages: 1) The security team only has to worry about one mikmod library, in the event of a security hole. 2) One version is easier to upgrade and maintain. 3) One version takes less space on a user's hard drive.
I noticed this line in the changelog: * Build-depend on libmikmod-dev to use the system's libmikmod. Apparently, somebody thinks they already fixed this bug. They didn't. Additionally, just having libmikmod-dev installed will not automatically make sdl-mixer build to use share library mikmod. There is also another advantage, or so I think. I think that the latest version of libmikmod2 is not affected by sdl-mixer bug # 422021. This is one of the reasons that I make this bug severity important, because fixing it would fix an important bug. I did some testing, and it appears that the mikmod binary, which uses libmikmod2, is not afflicted by bug # 422021. I set a conditional breakpoint in pt_UpdateVoices if (md_sngchn != pf->numchn). It did not break. However, in penguin-command, with the same conditional breakpoint, it did, right before it would have crashed had I not had my own patch applied. This is not a definitive test, but is very suggestive that upstream has fixed that bug, and in a different (possibly more stable) way than I did. Anyway, this is just one reason to use the debian version of libmikmod. I tried to create a patch to get sdl-mixer to compile with the mikmod shared library, but I haven't managed it yet. If I ever do manage it, I'll include it here. I wouldn't count it, though. I'm not too familiar with most of the various build systems. -Brandon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
