[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Is the Debian dependency system broken? (wget vs libgnutls-deb0-28)


> Note that the problem still occurs on an available set of packages:
> just start with a Debian/stable system (jessie) and upgrade
> libgnutls-deb0-28 to unstable (no dependencies/conflicts will
> yield an upgrade of wget, which will occasionally segfault).

well, then, obviously, the dependency on libgnutls-deb0-28 (>= 3.3.0) in
wget is a bit too optimistic. This could have been prevented by the wget
maintainer selecting a more restrictive set ot libgnutls versions,
probably just 3.3.0.

Then again, you wouldn't expect a library to break ABI between
revisions. So this might also be considered a bug in libgnutls or even
in its developers.

In any case, this is nothing any package dependency system could fix
unless told about the situation, because, as noted above, there even is
an expressly written rule stating that 3.3.15, being >= 3.3.0, is
perfectly ok, and that's what apt takes into account, and that's the
best it can do.


Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: