Package: libsafe
Version: 2.0-16-6
Severity: serious
Libsafe 2.0-16-6 seem to not stop it's own, attached to sources, example
exploits, which would make it quite useless if confirmed. That would
mean that it gives false feeling of security (in matter of strcmp and
related functions
Thanks for your very valid comments.
Libsafe is probably obsolete. It doesn't work the way it was
designed, because of some not-very-recent changes to glibc, and
libsafe is no longer maintained upstream.
See the other serious bugs against libsafe
(http://bugs.debian.org/libsafe) for more
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David Coe wrote:
| Thanks for your very valid comments.
| Libsafe is probably obsolete. It doesn't work the way it was
| designed, because of some not-very-recent changes to glibc, and
| libsafe is no longer maintained upstream.
Would it be then
3 matches
Mail list logo
