[Secure-testing-team] Bug#746996: pcp ships an upstream binary without rebuilding it

[Aurelien Jarno]

Source: pcp
Version: 3.9.2
Severity: serious
Tags: security upstream

On i386, pcp ships the upstream binary src/pmdas/mmv/mmvdump into 
/var/lib/pcp/pmdas/mmv/mmvdump without rebuilding it. This violates
Debian policy and might be used by upstream to introduce backdoors or
other security issues.

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.13-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash