On Mon, 2016-01-18 at 13:29 +0100, Gard Spreemann wrote: > I'm sorry, I seem to have spoken too soon. Most of these are the > incompatible, older version 2 of L-BFGS-B. An exception is > python-scipy, which really does bundle version 3 (with minor trivial > patches). Please still report them to the security team and pursue getting them ported to the latest version and the embeds removed upstream. > I have now contacted upstream and notified them of some of these > things, including prebuilt binaries, some metadata mess and some > missing copyright notes. Great, thanks. When contacting upstream, you may want to point them at this: https://wiki.debian.org/UpstreamGuide -- bye, pabs https://wiki.debian.org/PaulWise
Attachment:
signature.asc
Description: This is a digitally signed message part