Re: Bits from the Testing Security team

To: debian-devel@lists.debian.org
Subject: Re: Bits from the Testing Security team
From: Kurt Roeckx <kurt@roeckx.be>
Date: Mon, 15 Oct 2007 22:03:04 +0200
Message-id: <[🔎] 20071015200303.GA8798@roeckx.be>
In-reply-to: <[🔎] 20071015190806.GA6681@roeckx.be>
References: <200710142339.02272.sf@debian.org> <[🔎] 20071015090632.GF18217@mithrandir> <[🔎] 20071015092002.GC23422@ngolde.de> <[🔎] 20071015131806.GA22711@mithrandir> <[🔎] 20071015141735.GB27394@ngolde.de> <[🔎] 18195.41001.496599.710424@davenant.relativity.greenend.org.uk> <[🔎] 20071015184801.GC3819@ngolde.de> <[🔎] 20071015190806.GA6681@roeckx.be>

On Mon, Oct 15, 2007 at 09:08:06PM +0200, Kurt Roeckx wrote:
> On Mon, Oct 15, 2007 at 08:48:02PM +0200, Nico Golde wrote:
> > Hi Ian,
> > * Ian Jackson <ian@davenant.greenend.org.uk> [2007-10-15 19:59]:
> > > Nico Golde writes ("Re: Bits from the Testing Security team"):
> > > > Yes, dpkg for example links statically against libbz2 and zlib just to 
> > > > pick a famous example.
> > > 
> > > IMO this is a mistake, and I hope it will be reversed soon ...
> > 
> > quoting Adam Heath from #debian-devel:
> > 2007-10-15 18:07 <eigood> dpkg's configure has an option for using shared libraries or static linking
> > 2007-10-15 18:08 <eigood> for gzip, it can do a static library link, a dynamic library link, or a  runtime fork/exec of gzip
> > 2007-10-15 18:08 <eigood> afaicr, when I did the patch
> > 2007-10-15 18:10 <eigood> the real reason, is dpkg used to only fork/exec gzip
> > 2007-10-15 18:11 <eigood> for efficiency, I gave it an option to link to zlib
> > 2007-10-15 18:11 <eigood> however, I didn't want to introduce another dependency into the base system
> > 2007-10-15 18:11 <eigood> so I made it link statically
> 
> Current priority required pacakges having a (pre) depends on zlib1g:
> - util-linux
> 
> Priority important:
> - gnupg
> - gpgv
> - libgnutls13
> - libopencdk10
> - libopencdk8
> - libssl0.9.8
> - man-db
> 
> Standard:
> - libmagic1
> - openssh-client
> - pciutils
> - w3m

The same for libbz2-1.0 only returns gnupg.


Kurt

Reply to:

References:
- Re: Bits from the Testing Security team
  - From: "Francesco P. Lovergine" <frankie@debian.org>
- Re: Bits from the Testing Security team
  - From: Nico Golde <nico@ngolde.de>
- Re: Bits from the Testing Security team
  - From: "Francesco P. Lovergine" <frankie@debian.org>
- Re: Bits from the Testing Security team
  - From: Nico Golde <nico@ngolde.de>
- Re: Bits from the Testing Security team
  - From: Ian Jackson <ian@davenant.greenend.org.uk>
- Re: Bits from the Testing Security team
  - From: Nico Golde <nico@ngolde.de>
- Re: Bits from the Testing Security team
  - From: Kurt Roeckx <kurt@roeckx.be>

Prev by Date: Re: Forming a new linux Distrbution
Next by Date: Re: Forming a new linux Distrbution
Previous by thread: Re: Bits from the Testing Security team
Next by thread: Re: Bits from the Testing Security team
Index(es):
- Date
- Thread