Package: kbuild
Version: 1:0.1.9998svn3293+dfsg-2
Severity: important
Tags: security

kbuild contains an embedded copy of GNU make. It is shipped as
kmk_gmake. Please consider removing the embedded copy. Presently, it
uses GNU make 4.2.1, which is the same version as make-dfsg, so this
might be a convenience copy.

Failing that, please register your copy writh the security tracker.
Refer to https://wiki.debian.org/EmbeddedCodeCopies for instructions on
how to do that. Given that make has previously received CVEs, getting
rid of the copy is strongly preferred.

Helmut

Reply via email to