Wheeler: Insecure open source software libraries?
Posted Apr 7, 2012 12:33 UTC (Sat) by khim
In reply to: Wheeler: Insecure open source software libraries?
Parent article: Wheeler: Insecure open source software libraries?
Oh, and in the other thread you were complaining that the library APIs change too often, but those "current" library versions you're saying here that Ubuntu ought to include probably have backwards-incompatible API changes. You can't have it both ways.
Of course not! The biggest problem with distro-supplied libraries is not even the fact that they provide obsolete version of libraries. This is similarly to what other, saner, platforms are doing. The biggest problem is that you have to work with unknown version of library. One distribution will have libpng 1.2, another one will have libpng 1.5, one will include some fixes backported from older version of library, another will have bugs. WTF? Why should I support all that zoo? It's often easier and simpler to bundle library with the application.
OS should mostly provide facilities I can not easily bundle with the application, not provide bazillion of libraries with constantly changing ABI.
to post comments)