Interesting

To: debian-devel@lists.debian.org
Subject: Interesting
From: Jon Nelson <jnelson@boa.org>
Date: Sun, 11 Mar 2001 16:32:33 -0600
Message-id: <[🔎] 20010311223233.60C3CEF12@honker.jon.net>

I found out something interesting.

I really really want a recent openssh and a recent libssl in testing.
I've been complaining about it for a long time, and Anthony Towns (aj) told
me, basically, that either all of the packages in testing that depend on
libssl09 would have to be recompiled, on all arches, for libssl096, or
libssl09 itself would have to be recompiled, on all arches, as an "oldlib"
style library.  He sent me information on the latter to accomplish this.

However, a wee bit of detective work showed me that all of the packages
in testing that depend on libssl09 could be replaced by newer versions in
unstable, and the newer versions *all* depend on libss096.

So? you might ask?  I say this: move those packages and libssl096 (and -devel 
and openssl 096) into testing, *remove* libssl09 completely from testing,
and let life go on.  How is this any different from the following scenarios:

1.  libssl09 gets rebuilt as an old lib, allowing libssl096 into testing, 
which allows all of the programs in unstable (those that don't have RC bugs)
that currently depend on libssl096 also into testing.  result? same.

2.  all libssl09-dependant packages get recompiled, on all arches, to 
libssl096, allowing libssl096 into testing when nothing depends on libssl09 
anymore, and thus those packages (because they don't break libssl09). result? 
same.

So, friends, in the interests of expediency and what I feel is a unique 
situation, I propose that we simply migrate each package from unstable 
into testing, along with openssl 0.9.6, and remove libssl09 completely.

Now, i've been trying to get ahold of aj online (in irc) for a few days now,
so I apologize if I'm stupid or overlooked something.

Still, since we are nearing freeze, I think doing this is very important --
stunnel in testing is version *3.4* (not 3.14, 3.4) and yes, there are 
security issues with versions prior to 3.11, etc...


-- 
"We all enter this world in the same way: naked; screaming; soaked in
blood. But if you live your life right, that kind of thing doesn't have
to stop there." -- Dana Gould

Jon Nelson
jnelson@boa.org

Reply to:

Prev by Date: Re: popularity contest and queso
Next by Date: ls-lR files of ftp servers are not uptodate
Previous by thread: Re: popularity contest and queso
Next by thread: ls-lR files of ftp servers are not uptodate
Index(es):
- Date
- Thread