[Secure-testing-team] Bug#890496: [libsilo-dev] The Source code from Debian differs from upstream without notice
Adrien
perso at adrieng.fr
Thu Feb 15 09:50:24 UTC 2018
Package: libsilo-dev
Version: 4.10.2-6+b3
Severity: important
Tags: security
X-Debbugs-CC: secure-testing-team at lists.alioth.debian.org
Hi,
When trying to compile visit with Silo, I found that the source code of
Silo from Debian differs from the upstream one, taken here:
https://wci.llnl.gov/simulation/computer-codes/silo/releases
In particuliar, src/silo/silo.c does not have the function
DBSetDataReadMask2, which is there upstream. This prevent visit to be
compiled with silo.
I am using the same version (4.10.2) in both cases.
If it's intentional, there should at least be a notice into the debian
package explaining why the source code is modified into README.source
for instance.
If it's not intentional, it may be a security problem, because who knows
what else is modified ?
Kind regards,
Adrien
--- System information. ---
Architecture:
Kernel: Linux 4.9.0-5-amd64
Debian Release: 9.3
500 stable-updates ftp.univ-nantes.fr
500 stable ftp.univ-nantes.fr
100 stretch-backports ftp.fr.debian.org
--- Package information. ---
Depends (Version) | Installed
===============================-+-================
libsiloh5-0 (= 4.10.2-6+b3) | 4.10.2-6+b3
Package's Recommends field is empty.
Package's Suggests field is empty.
More information about the Secure-testing-team
mailing list