This is a list of known bundled libs, for us to periodically check on and track for security bugs.
We want to know about bundled libraries even if a separate version is not packaged in Gentoo because the lack of an independent package doesn't negate a possible vulnerability.
(lib)foo isn't in this list!
- 1. File a bug for this issue.
- 2. Make it block the tracker on Bugzilla.
- 3. CC security@ if it's a package with a poor security record.
- 4. Add it to this list, or add a message to the talk (discussion) page letting us know about it.