Mark Purcell | 23 Jan 2012 22:21
Bug#657070: embedded library ltdl

Package: siproxd
Version: 1:0.8.1-1
Severity: important
Tags: security upstream help

siproxd currently ships an embedded copy of the ltdl library.

The original version of ltdl shipped was vulnerable to
'CVE-2009-3736 local privilege escalation'.

siproxd upstream (Thomas) have now upgraded the embedded copy of ltdl;
as a result, siproxd is no longer vulnerable to CVE-2009-3736.

The current version of siproxd in Debian is fixed in version siproxd/1:0.8.1-1.

However this Debian version is still using the embedded ltdl library, rather
than the preferred system provided ltdl library.

Whilst siproxd does detect if a system ltdl library is available, it does
fail to build from source (FTBFS) with the error:

plugins.c:65: undefined reference to 'lt__PROGRAM__LTX_preloaded_symbols'

which has also been reported here:
http://blog.gmane.org/gmane.network.siproxd/month=20110201

Assistance to fix this issue in the Debian package would be appreciated.

Mark
