On Thu, Nov 18, 2021 at 05:12:10PM +0100, Sebastiaan Couwenberg wrote: >... > For the Debian package you could drop use_debian_packaged_libpcre.patch and > use the embedded copy to not block the prce3 removal in Debian.
As a general comment, this would be a lot worse than keeping pcre3. If any copy of this library should be used at all in bookworm, it should be provided by src:pcre3. Switching from src:pcre3 to an older vendored copy would likely create additional security vulnerabilities for our users,[1] even with only one user in bookworm shipping it security supportable in src:pcre3 would be better than hiding vulnerabilities through vendoring. > Kind Regards, > > Bas cu Adrian [1] https://security-tracker.debian.org/tracker/source-package/pcre3