On 23/05/2008, Gonéri Le Bouder wrote: > The problem with .a only lib package is that it's not possible to know > with which release of the lib the binary had been built. I guess the point might have been raised while I have been switching $HOME, but please do think about security support. Static libraries are making security folks' work quite hard. That said, I've been thinking about providing that for a future package of mine, but you really should know what that implies in terms of security, and I think it'd be fair to notify the security team about that (I'm offline right now so I can't check whether they have a tool to track that already). Mraw, KiBi.
Attachment:
pgp4ijoGo71RG.pgp
Description: PGP signature