zlib advisory ?

Matthias Benkmann matthias at winterdrache.de
Wed Mar 13 11:05:50 PST 2002


On Tue, 12 Mar 2002 15:29:00 -0500 Gerard Beekmans
<gerard at linuxfromscratch.org> wrote:

> I don't think there's an easy way to fix packages that use private zlib
> copies, the way to fix them is package dependant in most cases, so you'd
> get a huge document "if you have this, do this, if you have that, do
> that, if you hvae this other one, do that other thing". 

I think this can be automated. Have find scan for a .c file with the buggy
code fragment and then apply a context diff to this file. If the code
fragment has been taken verbatim from zlib (very likely) that should work.

MSB
-- 
Ambition is a poor excuse for not having enough sense to be lazy.

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message



More information about the lfs-security mailing list