[Bug 1511435] Review Request: R-httpuv - HTTP and WebSocket Server Library


 



https://bugzilla.redhat.com/show_bug.cgi?id=1511435



--- Comment #3 from Elliott Sales de Andrade <quantum.analyst@xxxxxxxxx> ---
I know what the problem is; it's because they're bundling an ancient version of
libuv. There's a patch here [1] and it was even the subject of a CVE [2].

I hope no-one's trying to run R setuid in the first place, but I'll apply that
patch to fix it.

Fortunately, they've already bumped the version that's bundled in git and I'm
going to try and convince them to allow building against a system copy so I
won't have to worry about this anymore.

[1] https://github.com/libuv/libuv/pull/215
[2] https://nvd.nist.gov/vuln/detail/CVE-2015-0278

package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx



