Re: Bits from the Testing Security team
On 15/10/2007 Francesco P. Lovergine wrote:
> > > I wonder if in those special cases an Embed: <source> tag could be added in
> > > debian/control to help tracking things.
> >
> > That would be a nice thing, also if this would include
> > information if the code is really included or just
> > statically linked against it.
> > Kind regards
> > Nico
>
> Well, I would consider statically linking a non embedded (i.e. a packaged)
> library a bug... Are there known cases where this is a required condition?
cryptsetup is statically linked against libgcrypt and libgpg-error, as
both are in /usr/lib, and relying on a mounted /usr is not an option for
cryptsetup.
...
jonas
Reply to: