| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 04 Nov 2009 15:41:55 -0500
From: Valdis.Kletnieks@...edu
To: Mikulas Patocka <mikulas@...ax.karlin.mff.cuni.cz>
Cc: Martin Nybo Andersen <tweek@...ek.dk>,
Alan Cox <alan@...rguk.ukuu.org.uk>,
"Ryan C. Gordon" <icculus@...ulus.org>,
Måns Rullgård <mans@...sr.com>,
linux-kernel@...r.kernel.org
Subject: Re: package managers [was: FatELF patches...]
On Wed, 04 Nov 2009 21:08:01 +0100, Mikulas Patocka said:
> On Wed, 4 Nov 2009, Valdis.Kletnieks@...edu wrote:
>
> > On Wed, 04 Nov 2009 19:46:44 +0100, Mikulas Patocka said:
> >
> > > When I did it (from Etch to Lenny), two programs that I have compiled
> > > manually ("vim" and "links") stopped working because Etch and Lenny have
> > > binary-incompatible libgpm.
> > >
> > > If some library cannot keep binary compatibility, it should be linked
> > > staticaly, dynamic version shouldn't even exists on the system --- so tha
t
> > > no one can create incompatible binaries.
> >
> > No, all they need to do is bump the .so version number.
>
> That's what Debian did. Obviously, I can extract the old library from the
> old package. But non-technical desktop user can't.
But the non-technical user probably wouldn't have hand-compiled vim and links
either, so how would they get into that situation?
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists