Re: [pkg-golang-devel] [SECURITY] [DLA 1664-1] golang security update
> $ grep-dctrl -FBuild-Depends golang-go -w -sPackage
> Please note that there are probably a lot of false positives in this
> list, because not every package uses crypto/elliptic.
Indeed. So how reliable would it be to look for "crypto/elliptic"
and skip those? I fear that might accidentally exclude packages due
to transitive imports / Build-Depends or similar?
Or: should I just save effort and upload the lot?
> Please note that I was not able to get build-rdeps to run in a
> jessie chroot
(Ah, not just me then; I needed to hack the "sid|unstable" bit in
the code but didn't want to yak-shave that at the time!)
: :' : Chris Lamb
`. `'` email@example.com 🍥 chris-lamb.co.uk