On jueves, 24 de noviembre de 2016 15:20:06 ART Jan Niehusmann wrote: > On Thu, Nov 24, 2016 at 03:59:10PM +0200, Adrian Bunk wrote: > > If inspection is not easily possible, then adding a dependency on > > libssl1.0-dev to qtbase5-private-dev should be sufficient to > > ensure that this is not leaked to a different OpenSSL version. > > I see two disadvantages: > > 1) doesn't catch cases where a package doesn't depend on libssl at all, > but depends on two libraries which in turn use qt and libssl. > > 2) needlessly affects packages which use qt, but don't use QNetwork / > QSsl. Right, that's exactly why we didn't went for this approach. -- firmaware: soft cuya licencia pagas enviando un autografo StucKman en #grulic, irc.freenode.net Lisandro Damián Nicanor Pérez Meyer http://perezmeyer.com.ar/ http://perezmeyer.blogspot.com/
Attachment:
signature.asc
Description: This is a digitally signed message part.