Re: [SECURITY] [DSA 1376-1] New kdebase packages fix authentication bypass
Steve Kemp wrote:
On Fri Sep 21, 2007 at 18:01:10 +0300, Riku Valli wrote:
For the stable distribution (etch), this problem has been fixed in version
4:3.5.5a.dfsg.1-6etch1.
It seems at kdebase and fetchmailconf depencies are broken.
I don't see what the source of this is.
Source is i386, sorry about that.
kdebase: Depends: kappfinder (>= 4:3.5.5a.dfsg.1-6etch1) but
4:3.5.5a.dfsg.1-6 is installed.
kappfinder is a binary coming from the kdebase package.
Depends: kate (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfsg.1-6 is in
stalled.
ditto.
Unless I'm being dense the kdebase package provides all the
correct versions to satisfy itself:
eg.
kappfinder_3.5.5a.dfsg.1-6etch1_amd64.deb
kate_3.5.5a.dfsg.1-6etch1_amd64.deb
(Same thing for fetchmail/fetchmailconf.)
Steve
Normally aptitude upgrade cannot upgrade packages.
I belive at this really remove kde.
aptitude dist-upgrade
Reading package lists... Done
Building dependency tree... Done
Reading extended state information
Initializing package states... Done
Reading task descriptions... Done
Building tag database... Done
The following packages are BROKEN:
fetchmailconf kdebase
The following packages are unused and will be REMOVED:
kdepasswd kdeprint khelpcenter klipper kmenuedit konqueror-nsplugins
kpager kpersonalizer ksmserver ksplash ksysguard ktip
2 packages upgraded, 0 newly installed, 12 to remove and 0 not upgraded.
*Need to get 103kB of archives. After unpacking 14.2MB will be freed.*
The following packages have unmet dependencies:
kdebase: Depends: kappfinder (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfsg
is installed.
Depends: kate (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfsg.1-6 i
stalled.
Depends: kcontrol (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfsg.1
s installed.
Depends: kdebase-bin (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfs
6 is installed.
Depends: kdebase-kio-plugins (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.
.dfsg.1-6 is installed.
Depends: kdepasswd (>= 4:3.5.5a.dfsg.1-6etch1) but it is not inst
ble
Depends: kdeprint (>= 4:3.5.5a.dfsg.1-6etch1) but it is not insta
le
Depends: kdesktop (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfsg.1
s installed.
Depends: kfind (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfsg.1-6
nstalled.
Depends: khelpcenter (>= 4:3.5.5a.dfsg.1-6etch1) but it is not in
lable
Depends: kicker (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfsg.1-6
installed.
Depends: klipper (>= 4:3.5.5a.dfsg.1-6etch1) but it is not instal
e
Depends: kmenuedit (>= 4:3.5.5a.dfsg.1-6etch1) but it is not inst
ble
Depends: konqueror-nsplugins (>= 4:3.5.5a.dfsg.1-6etch1) but it i
t installable
Depends: konqueror (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfsg.
is installed.
Depends: konsole (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfsg.1-
installed.
Depends: kpager (>= 4:3.5.5a.dfsg.1-6etch1) but it is not install
Depends: kpersonalizer (>= 4:3.5.5a.dfsg.1-6etch1) but it is not
allable
Depends: ksmserver (>= 4:3.5.5a.dfsg.1-6etch1) but it is not inst
ble
Depends: ksplash (>= 4:3.5.5a.dfsg.1-6etch1) but it is not instal
e
Depends: ksysguard (>= 4:3.5.5a.dfsg.1-6etch1) but it is not inst
ble
Depends: ktip (>= 4:3.5.5a.dfsg.1-6etch1) but it is not installab
Depends: kwin (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfsg.1-6 i
stalled.
Depends: libkonq4 (>= 4:3.5.5a.dfsg.1-6etch1) but 4:3.5.5a.dfsg.1
s installed.
fetchmailconf: Depends: fetchmail (>= 6.3.6-1etch1) but 6.3.6-1 is install
Resolving dependencies...
The following actions will resolve these dependencies:
*Remove the following packages:
kde
kde-amusements
kde-core
kdebase*
Keep the following packages at their current version:
fetchmailconf [6.3.6-1 (stable, now)]
Score is -324
Accept this solution? [Y/n/q/?] q
Regards, Riku
Reply to: