Bug#613788: ITP: dropbox -- secure backup, sync and sharing util
On 2011-02-17, Vincent Cheng <Vincentc1208@gmail.com> wrote:
> * Package name : dropbox > Version : 1.0.20-1 > Upstream Author : Dropbox, Inc. > * URL : http://www.dropbox.com > * License : Proprietary > Section : non-free/net > Description : secure backup, sync and sharing util You should consider http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610300 first. Kind regards Philipp Kern -- To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: slrnilpo1r.84b.trash@kelgar.0x539.de">http://lists.debian.org/slrnilpo1r.84b.trash@kelgar.0x539.de |
Bug#613788: ITP: dropbox -- secure backup, sync and sharing util
On Thu, Feb 17, 2011 at 12:35:26AM -0800, Vincent Cheng wrote:
> * Package name : dropbox > Version : 1.0.20-1 > Upstream Author : Dropbox, Inc. > * URL : http://www.dropbox.com > * License : Proprietary > Section : non-free/net > Description : secure backup, sync and sharing util It looks like you're still missing the source for librsync.so.1 in your packages. Also, I *strongly* recommend that you not include binary-only shared libraries that are already available in Debian. The security team will not be very happy with you. As an example, your package ships libz.so.1, which has been the target of a DSA previously. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187 |
Bug#613788: ITP: dropbox -- secure backup, sync and sharing util
On Thu, Feb 17, 2011 at 14:52:49 +0000, brian m. carlson wrote:
> On Thu, Feb 17, 2011 at 12:35:26AM -0800, Vincent Cheng wrote: > > * Package name : dropbox > > Version : 1.0.20-1 > > Upstream Author : Dropbox, Inc. > > * URL : http://www.dropbox.com > > * License : Proprietary > > Section : non-free/net > > Description : secure backup, sync and sharing util > > It looks like you're still missing the source for librsync.so.1 in your > packages. Also, I *strongly* recommend that you not include binary-only > shared libraries that are already available in Debian. The security > team will not be very happy with you. As an example, your package > ships libz.so.1, which has been the target of a DSA previously. > The security team doesn't support the non-free section in any way, so not really. Still a bad idea though. Cheers, Julien -- To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: 20110217154133.GW12480@radis.liafa.jussieu.fr">htt p://lists.debian.org/20110217154133.GW12480@radis.liafa.jussieu.fr |
| All times are GMT. The time now is 12:42 PM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.