Hans Hagen
� wrote:
Hi, the libpng-version we use has a security problem which is fixed in a
you mean a bug; i always wonder why bugs are called security problem / fix; maybe because it sounds friendlier (since such risks originat efrom the outside world) -)
I think they are treated as a security issue if they allow a DoS attack or executing malicious code etc. It doesn't sound friendlier to me at all. A normal bug should be fixed, yes; but it doesn't make sense to backport all fixes for bugs found so far into a stable release. If it's a security issue, it generally makes sense. In this particular case, I don't know about the impact of the problem, and I personally don't care since we (Debian) compile --with-system-pnglib and therefore get the update automatically. Regards, -- Frank Küster Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich Debian Developer (teTeX)