Please provide system shared dynamic linked library #49
Comments
|
Great idea. But we lack of volunteers |
|
Here's a work-in-progress patch we use in fedora, (fun, github won't allow me to attach it) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
At least Psi And Kopete jabber clients uses libiris library. There are probably more projects. Currently libiris can be only built as static library which is directly linked into target application. Both Kopete and Psi has its own copy of libiris in source tree (Psi as git submodule, Kopete real code copy).
Discovered CVE 2017-5593 User Impersonation Vulnerability shows that it is not ideal solution and system distributions must to patch all applications which bundle same source code. And also it cause lot of problems for users who needs to update more applications and only one affected library.
So please provide one system shared dynamic library of libiris which jabber clients can link to it. Such step first needs to stabilize and define API+ABI of library and start correctly version library ABI via soversion.
The text was updated successfully, but these errors were encountered: