Roman Drahtmueller
Shouldn't these packages rather be modified to use the system library rather then fixing them all individually? I know, this is beyond the scope of a security bugfix as the latter shouldn't contain feature changes and this can oft not be done as quickly as needed. But i think, a package bringing a library on its own, when decent system libraries are available, this is a quite stupid idea and it is also a security issue, as we can see with this announcement.
Your approach is obviously correct, and in some cases we even proceed that way.
My post was more a spontaneous grumbling in the direction of the packages authors, then a critic on the SuSE team.
In some cases though you might not want to mess up because the authors modified the code for optimizations and other adaptions. Prominent example: rsync.
Then i still wonder why these authors do not simply contribute these
modifcations to the author of the library rather then maintaining
their own version of the library. This would make life easier for
all, including them.
--
Rolf Krahl