Bug#650601: [png-mng-implement] Lack of security in libpng 1.2
On 22.03.2012 11:00, AnÃbal Monsalve Salazar wrote:
The message above is part of a discussion in the libpng development
mailing list about the *lack* of security of libpng 1.2, after the
vulnerability was discovered by the chrome folks.
For more details see
So, the message is to move away from libpng 1.2 in Debian as soon as
In that case, maybe someone could address some of the issues we raised
when the transition was first proposed? e.g. the "requirement" for
changing the development page name and thus needing otherwise
unneccessary source uploads of a bunch of packages, the huge number of
known FTBFS issues.
We don't just not start transitions for our own amusement, and the
implication that the transition is primarily being blocked from our side
is not really appreciated.