On Sun, Feb 12, 2023 at 08:39:22AM +0100, Sebastian Humenda wrote:
> Hi
>
> Karl Dahlke schrieb am 11.02.2023, 5:32 -0500:
> >If quickjs were packaged, we would need to change the makefile, as it
> >currently assumes it has been built statically in parallel. In other words,
> >we would simply lin
Hi
Karl Dahlke schrieb am 11.02.2023, 5:32 -0500:
>If quickjs were packaged, we would need to change the makefile, as it
>currently assumes it has been built statically in parallel. In other words,
>we would simply link to it as we do with curl and readline etc. We might need
Debian installs it
If quickjs were packaged, we would need to change the makefile, as it
currently assumes it has been built statically in parallel.
In other words, we would simply link to it as we do with curl and
readline etc.
We might need an environment flag or parameter or something conditional
in the makef
Hi
[please don't CC me as I'm on the list]
Adam Thompson schrieb am 11.02.2023, 8:10 +:
>No problem. As someone who uses Debian on a daily basis I've been wondering
>how to facilitate a more up-to-date Edbrowse package for a while.
Have ou been thinking about stable or about the rolling rele
On Thu, Feb 09, 2023 at 10:48:00AM +0100, Sebastian Humenda wrote:
> Hi
>
> Adam Thompson schrieb am 09.02.2023, 8:13 +:
> >On Wed, Feb 08, 2023 at 05:33:03AM -0500, Karl Dahlke wrote:
> >> I don't understand why there would be security concerns with quickjs. It is
> >> a language interpreter
Hi
Adam Thompson schrieb am 09.02.2023, 8:13 +:
>On Wed, Feb 08, 2023 at 05:33:03AM -0500, Karl Dahlke wrote:
>> I don't understand why there would be security concerns with quickjs. It is
>> a language interpreter. It either works or it doesn't. All the security
>> concerns fall on edbrowse,
On Wed, Feb 08, 2023 at 05:33:03AM -0500, Karl Dahlke wrote:
> I don't understand why there would be security concerns with quickjs. It is
> a language interpreter. It either works or it doesn't. All the security
> concerns fall on edbrowse, which is already packaged in several distros.
To provide
I don't understand why there would be security concerns with quickjs.
It is a language interpreter. It either works or it doesn't.
All the security concerns fall on edbrowse, which is already packaged
in several distros.
There are very likely security issues with edbrowse, but we don't have
th
Hi all
I have prepared a packaged version of QuickJS for Debian that is a dependency
of Edbrowse. However, during that process the question got raised whether such a
security-sensitive package would be appropriate to package in Debian. The main
point is that this puts additional burden on the Debi
