kdelibs3 security update with new dependencies?!
Hello list,
I'm running a Woody box here with a partial KDE install.
It seems like the security team messed up the dependencies of kdelibs3
when they built the recent security update for CAN-2004-1165:
$ sudo apt-get upgrade
Reading Package Lists...
Building Dependency Tree...
The following packages have been kept back
kdelibs3
0 packages upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
$ sudo apt-get -s install kdelibs3
Reading Package Lists...
Building Dependency Tree...
The following extra packages will be installed:
libarts libglib2.0-0 nas-lib
The following NEW packages will be installed:
libarts libglib2.0-0 nas-lib
1 packages upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
<snip>
$ dpkg -s kdelibs3
Package: kdelibs3
Status: install ok installed
Priority: optional
Section: libs
Installed-Size: 23972
Maintainer: Christopher L Cheney <ccheney@debian.org>
Source: kdelibs
Version: 4:2.2.2-13.woody.12
Depends: libbz2-1.0, libc6 (>= 2.2.4-4), libfam0, libjpeg62, libpcre3, libpng2 (>= 1.0.12), libqt2 (>= 3:2.3.1-1), libstdc++2.10-glibc2.2 (>= 1:2.95.4-0.010810), libtiff3g, libxml2 (>= 2.4.19-4), libxslt1 (>= 1.0.16), xlibs (>> 4.1.0), zlib1g (>= 1:1.1.4), kdelibs3-bin | kdelibs-bin, xbase-clients
Suggests: libarts | libarts-alsa | libarts-bin, libkmid | libkmid-alsa | libkmid-bin, kdelibs3-cups, aspell | ispell, anti-aliasing-howto, gdb, libsocksd | libsocks4, libssl0.9.6
<snip>
$ wget <url-of-updated-package>
<snip>
$ dpkg -I /tmp/kdelibs3_2.2.2-13.woody.13_i386.deb
<snip>
Package: kdelibs3
Version: 4:2.2.2-13.woody.13
Section: libs
Priority: optional
Architecture: i386
Depends: libarts (>= 4:2.2.2-1) | libarts-alsa (>= 4:2.2.2-1), libbz2-1.0, libc6 (>= 2.2.4-4), libfam0, libglib2.0-0 (>= 2.0.1), libjpeg62, libpcre3, libpng2(>=1.0.12), libqt2 (>= 3:2.3.1-1), libstdc++2.10-glibc2.2 (>= 1:2.95.4-0.010810), libtiff3g, libxml2 (>= 2.4.19-4), libxslt1 (>= 1.0.16), xlibs (>> 4.1.0), zlib1g (>= 1:1.1.4), kdelibs3-bin | kdelibs-bin, xbase-clients
Suggests: libarts | libarts-alsa | libarts-bin, libkmid | libkmid-alsa | libkmid-bin, kdelibs3-cups, aspell | ispell, anti-aliasing-howto, gdb, libsocksd | libsocks4, libssl0.9.6
Installed-Size: 24032
Maintainer: Christopher L Cheney <ccheney@debian.org>
Source: kdelibs
Description: KDE core libraries (runtime files)
KDE core libraries.
You need these files to run kde applications.
$
What do you think is the appropriate course of action?
TIA,
Nikolaus Schulz
PS: Please note that I'm not subscribed to debian-security.
Reply to: