On 12/24/06, Patrice Dumas <pertusus@xxxxxxx> wrote:
libnc-dap has a copy of the netcdf library in the code, so it doesn't add much regarding security.
If all the fedora space apps which need netcdf3 support use the libnc-dap implementation, then we reduce the issue to exactly one codebase... that shared library. If there was a security issue, do we even know how many things in the fedora space are building against the static libraries in netcdf-devel right now? It's tough to get a handle on how many things are building with netcdf support with the available repoquery tool since there's no shared library requires to match against. We'll have to dig through all the spec files and look for netcdf-devel. That's not something I'm looking forward to doing. -jef -- fedora-extras-list mailing list fedora-extras-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-extras-list
