[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: gcrypt7/gnutls10 => gcrypt11/gnutls11 for Sarge

On Sat, Jul 24, 2004 at 05:35:59PM +0200, Matthias Urlichs wrote:
> * gnutls10 and gcrypt7 are *seriously* out-of-date Upstream;
> * Upstream urges us to not distribute them in Sarge (cf. bug #258975):
>   >> FWIW, I want to restate that I consider it a *very bad idea* to go
>   >> with libgcrypt7 for the Sarge release.  We did not declared that
>   >> release stable [...] PLEASE, reconsider this decision and drop
>   >> libgcrypt7 in favor of libgcrypt11 - the required changes to the
>   >> source are minimal if at all required.  Rebuilding will do it in
>   >> allmost all cases
> * gnutls10 does not support multithreaded programs correctly; gnutls11
>   has a more generic callback mechanism (cf. bug #244827);
> * the API changes are minor and only require recompilation;

> I would like to ask for reconsideration of the D-I package freeze.

> Specifically, I would like to

> * add gnutls11 and gcrypt11 to the list of D-I packages,
> * Rebuild everything, or at least the packages with Priority<optional,
>   to use grypt11 and gnutls11.
> * Drop gcrypt7 and gnutls10 from the list of base packages, downgrade
>   them to Optional status.

> gnutls11 has been uploaded to Experimental and currently waits for
> NEW processing. The packages are also available at

- The packages need to be present in unstable and testing before we can
  make any such decision.
- We currently do not have any way of *removing* packages from
  debootstrap's list of base packages without causing harmful d-i churn;
  therefore, whether or not gnutls11 is added to the list, gnutls10
  would still be installed.
- I don't believe there are any multithreaded applications in base that
  use gnutls.

I understand upstream's concerns about shipping an outdated library, but
I don't believe there's any way to avoid that now.  If you would like to
propose that gnutls11 be included in base *as well*, you would need to
talk to the debootstrap maintainers -- but there's no sense in doing so
until gnutls11 has made it at least into unstable.

I would recommend re-uploading gnutls11 and gcrypt11 to unstable
immediately; I don't see any reason why the addition of new library
packages needs to be staged in experimental, this would be more of an
issue for packages *depending* on such libraries.

Steve Langasek
postmodern programmer

Attachment: signature.asc
Description: Digital signature

Reply to: