[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: openssl-vulnkey and python

On Thu, Aug 27, 2009 at 07:39:04AM +0100, Neil Williams wrote:
> On Thu, 27 Aug 2009 15:46:51 +0930
> Ron <ron@debian.org> wrote:
> 
> > On Thu, Aug 27, 2009 at 07:09:04AM +0100, Neil Williams wrote:
> > > On Thu, 27 Aug 2009 15:12:20 +0930
> > > Ron <ron@debian.org> wrote:
> > > 
> > > > On Wed, Aug 26, 2009 at 08:16:18PM +0100, David Goodenough wrote:
> > > > > Actually it is openssl-blacklist that contains openssl-vulnkey, and
> > > > > in sid openssl depends on that.  And as openssl-vulnkey is written in
> > > > > python it is rather needed.
> 
> If openssl did depend on the blacklist that would be a Policy violation
> as it would make a circular dependency - the blacklist depends on
> openssl, not vice versa.
> 
> Is something else bringing in the blacklist?

Looks like ssl-cert and openvpn are the prime candidates for dragging
that in as a hard dep.  A bunch of other packages depend on ssl-cert.

> OK, misread that but openssl itself doesn't depend on the blacklist, do
> you really need the SSL blacklist itself on an embedded device?

Depends on the device I guess.  Mostly I've just noticed that python
is getting near impossible to get rid of on any $real system, and the
reasons for that are mostly quite spurious like this one.
Reply to: