[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bits from the Testing Security team

On Mon, Oct 15, 2007 at 08:48:02PM +0200, Nico Golde wrote:
> Hi Ian,
> * Ian Jackson <ian@davenant.greenend.org.uk> [2007-10-15 19:59]:
> > Nico Golde writes ("Re: Bits from the Testing Security team"):
> > > Yes, dpkg for example links statically against libbz2 and zlib just to 
> > > pick a famous example.
> > 
> > IMO this is a mistake, and I hope it will be reversed soon ...
> 
> quoting Adam Heath from #debian-devel:
> 2007-10-15 18:07 <eigood> dpkg's configure has an option for using shared libraries or static linking
> 2007-10-15 18:08 <eigood> for gzip, it can do a static library link, a dynamic library link, or a  runtime fork/exec of gzip
> 2007-10-15 18:08 <eigood> afaicr, when I did the patch
> 2007-10-15 18:10 <eigood> the real reason, is dpkg used to only fork/exec gzip
> 2007-10-15 18:11 <eigood> for efficiency, I gave it an option to link to zlib
> 2007-10-15 18:11 <eigood> however, I didn't want to introduce another dependency into the base system
> 2007-10-15 18:11 <eigood> so I made it link statically

Current priority required pacakges having a (pre) depends on zlib1g:
- util-linux

Priority important:
- gnupg
- gpgv
- libgnutls13
- libopencdk10
- libopencdk8
- libssl0.9.8
- man-db

Standard:
- libmagic1
- openssh-client
- pciutils
- w3m

I don't think you'll add much to base.


Kurt
Reply to: