-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
included libraries; recent xz-utils / liblzma compromise #69
Comments
yes, so we should not be affected. So anything to do for us here? |
On the compromise, no, we should be more than OK (but I thought I'd check). I'm trying to figure out what's going on with the embedded languages. We clearly ship some libraries as
I think the release notes are also wrong about installing those interpreters on the system — if they work at all, they will work with the builtin appimage version. |
Findings: all interpreters are currently configured with
I've reconfigured my builds to include this in
Only Python3 seems to have stable-ABI capabilities. On any system, one can For the other interpreters , vimhelp says this about
… so for those, maybe non-dynamic is the least bad option. What do you think should be done? I could
|
I ran
Two things to note here:
libruby
,llibperl
,liblua
and (interestingly)libpython2
(but not 3) which is different from what the release notes / documentation state. I had some release note PR's coming up in any case for unrelated stuff (AppRun.extracted
), so I ended up verifying and rewriting the docs.xz
/liblzma5
/sshd
backdoor (e.g. see the Debian fallout).sshd
anywayvim-appimage
's are currently built with Ubuntu 20.04, we probably link to (and "ship") even older versions. I thinkvim
can access compression algorithms (e.g. via its embedded languages) so this might still be a relevant pointsquashfs
) isgzip
, notxz
(see below)The text was updated successfully, but these errors were encountered: