On Tue, Jun 26, 2007 at 08:36:51AM -0700, Russ Allbery wrote: > > Something like: > > Some software packages include in their distribution convenience > copies of libraries from other software packages, generally so that > users compiling from source don't have to download multiple packages. > Debian packages should not make use of these convenience copies. If > the included library is already in the Debian archive, the Debian > packaging should ensure that the software is linked with the libraries > already in Debian and the convenience copy is not used. If the > included library is not already in Debian, it should be packaged > separately as a prerequisite. > > Having multiple copies of the same code in Debian is inefficient, > often creates either static linking or shared library conflicts, and, > most importantly, increases the difficulty of handling security > vulnerabilities in the shared code. > > perhaps?
I'm seconding this proposal. It seem to be worded much better. Kurt
signature.asc
Description: Digital signature
