Package: paul Version: 0.1.1-5 Severity: serious Hi Andreas,
Your package currently build-depends on giflib3g-dev | giflib-dev; although giflib-dev is a virtual package also provided by libungif4-dev, this dependency results in autobuilt packages that depend on giflib3g, which is an ancient version of the lib that has an RC security bug. There is a new version of giflib in NEW, but it also changes the -dev package name to libgif-dev, so paul will then be uninstallable and fail to build. Since there is no guaranteed ETA on giflib 4 clearing the NEW queue, and I intend to tag giflib3g for removal from testing due to its RC bug, I would recommend switching paul's build-dependencies to libungif4-dev in the short term if you want this package to ship with sarge. Cheers, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
