Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Debian Development (http://www.linux-archive.org/debian-development/)
-   -   Bug#613788: ITP: dropbox -- secure backup, sync and sharing util (http://www.linux-archive.org/debian-development/490540-bug-613788-itp-dropbox-secure-backup-sync-sharing-util.html)

Philipp Kern 02-17-2011 07:45 AM

Bug#613788: ITP: dropbox -- secure backup, sync and sharing util
 
On 2011-02-17, Vincent Cheng <Vincentc1208@gmail.com> wrote:
> * Package name : dropbox
> Version : 1.0.20-1
> Upstream Author : Dropbox, Inc.
> * URL : http://www.dropbox.com
> * License : Proprietary
> Section : non-free/net
> Description : secure backup, sync and sharing util

You should consider http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610300
first.

Kind regards
Philipp Kern


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: slrnilpo1r.84b.trash@kelgar.0x539.de">http://lists.debian.org/slrnilpo1r.84b.trash@kelgar.0x539.de

"brian m. carlson" 02-17-2011 01:52 PM

Bug#613788: ITP: dropbox -- secure backup, sync and sharing util
 
On Thu, Feb 17, 2011 at 12:35:26AM -0800, Vincent Cheng wrote:
> * Package name : dropbox
> Version : 1.0.20-1
> Upstream Author : Dropbox, Inc.
> * URL : http://www.dropbox.com
> * License : Proprietary
> Section : non-free/net
> Description : secure backup, sync and sharing util

It looks like you're still missing the source for librsync.so.1 in your
packages. Also, I *strongly* recommend that you not include binary-only
shared libraries that are already available in Debian. The security
team will not be very happy with you. As an example, your package
ships libz.so.1, which has been the target of a DSA previously.

--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

Julien Cristau 02-17-2011 02:41 PM

Bug#613788: ITP: dropbox -- secure backup, sync and sharing util
 
On Thu, Feb 17, 2011 at 14:52:49 +0000, brian m. carlson wrote:

> On Thu, Feb 17, 2011 at 12:35:26AM -0800, Vincent Cheng wrote:
> > * Package name : dropbox
> > Version : 1.0.20-1
> > Upstream Author : Dropbox, Inc.
> > * URL : http://www.dropbox.com
> > * License : Proprietary
> > Section : non-free/net
> > Description : secure backup, sync and sharing util
>
> It looks like you're still missing the source for librsync.so.1 in your
> packages. Also, I *strongly* recommend that you not include binary-only
> shared libraries that are already available in Debian. The security
> team will not be very happy with you. As an example, your package
> ships libz.so.1, which has been the target of a DSA previously.
>
The security team doesn't support the non-free section in any way, so
not really. Still a bad idea though.

Cheers,
Julien


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110217154133.GW12480@radis.liafa.jussieu.fr">htt p://lists.debian.org/20110217154133.GW12480@radis.liafa.jussieu.fr


All times are GMT. The time now is 01:09 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.