Re: Addressing the recent zlib issue

[Florian Weimer <fw@deneb.enyo.de>]

* Mark Brown:

> On Tue, Jul 12, 2005 at 06:40:55PM +0200, Florian Weimer wrote:
>
>> operations.  Unfortunately, we have to check all architectures
>> individually because spurious buildd configuration changes might
>> trigger static linking of zlib.
>
> Yes, although the main issue is likely to be people shipping a separate
> copy of the source.

Only by looking at the binary, you can tell if the copy which is
contained in the source tarball is actually used.

By the way, I was able to halve the total number of signatures because
they turned out to be endian-independent.  I should have been worried
that the big-endian signature triggers on my x86 system. 8-)
(Clamav seems to report the first matching signature only.)