On 03/12/2021 17:16, Vitaly Zaitsev via devel wrote:
On 03/12/2021 17:41, Miro HronĨok wrote:
> The bundled openssl in opae worries me still, but that's not causing
> issues in dependency resolution any more.
I think FESCo should create a strict policy on bundling cryptographic
libraries.
Well bundling a binary from upstream is already against policy
so I don't see how that helps.
The problem isn't a lack of policy, it's that the packager didn't
notice those files or didn't realise they weren't allowed.
Tom
--
Tom Hughes (tom(a)compton.nu)
http://compton.nu/