Re: Some obsolete packages on squeeze-security

To: "Dominic Hargreaves" <dom@earth.li>
Cc: debian-security@lists.debian.org, ftpmaster@debian.org
Subject: Re: Some obsolete packages on squeeze-security
From: "Thijs Kinkhorst" <thijs@debian.org>
Date: Mon, 7 Feb 2011 19:19:45 +0100
Message-id: <[🔎] 78f4ad20ba597b966dd6cb541ab38cee.squirrel@wm.kinkhorst.nl>
In-reply-to: <[🔎] 20110207171845.GE4803@urchin.earth.li>
References: <[🔎] 20110207171845.GE4803@urchin.earth.li>

Hi Dominic,

On Mon, February 7, 2011 18:18, Dominic Hargreaves wrote:
> squeeze-security (i386 at least) has the following binary packages
> which are not in squeeze. They are therefore selected as candidates for
> install even though they represent an unmaintained branch of code.
> The i386 packages are listed by way of illustration, although the
> analysis should perhaps be done for the other archs too.

Thanks for reporting this. That obsolete packages are not cleaned from the
security archive is a known issue which also posed problems for Lenny
(e.g. libapache-mod-php4 still present while Apache 1.x had been removed,
which caused repeated bugreports and people keeping obsolete packages
installed).

We've brought this to the attention of the ftpmasters in the past but as
it seems they unfortunately didn't yet find the time to solve this
structurally, e.g. through a periodic cleaning operation of sorts. I do
not blame them for this as they've done tremendous amounts of other work
for the security archive last year, and you can't do everthing.

FTPmasters: can you please remove below mentioned packages from
squeeze-security? A permanent solution would of course be even greater!

Thanks,
Thijs

> They (at minimum) should probably be removed from squeeze-security
> (all the other packages were also older than their squeeze counterparts,
> so should be removed too, which would save the exhaustive analysis on
> per-binary-package case).
>
> This is particularly likely to cause problems for people upgrading,
> where the obsolete packages are more likely to be selected.
>
> gs-aladdin
> gs
> kvm-source
> linux-doc-2.6.30
> linux-headers-2.6.30-2-486
> linux-headers-2.6.30-2-686-bigmem
> linux-headers-2.6.30-2-686
> linux-headers-2.6.30-2-all-i386
> linux-headers-2.6.30-2-all
> linux-headers-2.6.30-2-amd64
> linux-headers-2.6.30-2-common
> linux-image-2.6.30-2-486
> linux-image-2.6.30-2-686-bigmem
> linux-image-2.6.30-2-686
> linux-image-2.6.30-2-amd64
> linux-manual-2.6.30
> linux-patch-debian-2.6.30
> linux-source-2.6.30
> linux-support-2.6.30-2
> linux-tree-2.6.30
> openoffice.org-l10n-lo
>
> Cheers,
> Dominic.
>
> --
> Dominic Hargreaves | http://www.larted.org.uk/~dom/
> PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
>
>
> --
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> Archive: [🔎] 20110207171845.GE4803@urchin.earth.li">http://lists.debian.org/[🔎] 20110207171845.GE4803@urchin.earth.li
>
>

Reply to:

References:
- Some obsolete packages on squeeze-security
  - From: Dominic Hargreaves <dom@earth.li>

Prev by Date: Some obsolete packages on squeeze-security
Next by Date: Some obsolete packages in squeeze-security
Previous by thread: Some obsolete packages on squeeze-security
Next by thread: Some obsolete packages in squeeze-security
Index(es):
- Date
- Thread