Hi Robert,
>> Neither the changelog entry nor README.{Debian,source} contain
>> any justification, however.
>
>The justification is simple and obvious: current upx does not compile
>with the current lzma-dev.
that could be fine, depending on the circumstances, but needs
to be documented.
>Also
Thorsten Glaser writes:
>
> Apparently upx-ucl reverted from using the system LZMA library
> to its own.
First of all, lzma-sdk is not designed to be used as a library, so in
fact there is no such thing like "system LZMA library". Moreover upx is
not the only package that includes its own copy
Source: upx-ucl
Version: 3.93-1
Severity: serious
Justification: Policy ยง4.13
Control: found -1 3.94-2
Apparently upx-ucl reverted from using the system LZMA library
to its own. This, if not justified, is a Policy violation, for
various reasons, including maintainability and security.
Neither
3 matches
Mail list logo
