Patch to remove zlib.
jra at samba.org
Wed Jul 9 17:43:50 MDT 2014
On Thu, Jul 10, 2014 at 01:38:52AM +0200, Jelmer Vernooij wrote:
> On Wed, Jul 09, 2014 at 03:23:27PM -0700, Jeremy Allison wrote:
> > On Wed, Jul 09, 2014 at 09:50:36PM +0200, Volker Lendecke wrote:
> > > On Mon, Jul 07, 2014 at 12:46:47PM -0400, Ira Cooper wrote:
> > > > Note: To apply it unxz it then use git am --ignore-whitespace , otherwise
> > > > you may have issues. (xz was used to save the list a good bit of space...
> > > > it's over 500k gzipped.)
> > > >
> > > > As far as why: I listened to metze/vl. I disagree with them.
> > > >
> > > > I believe that third party (non Samba Team developed) libraries do not
> > > > belong in the tree. They are asking for trouble long term, IMHO.
> > +1 on this. There have been security vulnerabilities in
> > zlib in the past, and we're not updating often enough
> > to make sure we're safe.
> We first imported zlib in 65c9e91a1bb24851a030a304d011558562cc50d6, which
> was in July 2008.
> The last zlib security release was in July 2005.
Fair enough - facts beat opinions every time :-).
Thanks Jelmer !
Having said that having duplicate libraries in
the tree still makes me nervous :-).
More information about the samba-technical