Bug#484269: Policy 2.5 disagrees with you
> Russ Allbery <rra@debian.org> writes:
>
> > "Moore, Joe" <joe.moore@siemens.com> writes:
> >
> >>>From the Debian Policy manual:
> >> 2.5
> >> Packages must not depend on packages with lower priority values
> >> (excluding build-time dependencies). In order to ensure this, the
> >> priorities of one or more packages may need to be adjusted.
> >>
> >> openssh-server has Priority: optional
> >> openssh-blacklist has Priority: extra
> >
> > openssh-blacklist has the wrong priority and should be
> priority: optional.
> > This problem is significant enough that the need for this
> package is not
> > an unusual or edge case. I'll file a bug against
> openssh-blacklist asking
> > that it be increased.
>
> I spoke too soon -- I shouldn't have taken your word for the
> priority of
> openssh-blacklist. It's already priority: optional. So
> nothing to fix
> here.
Has this changed since stable? On my freshly-installed 4.0r3 system:
media2:~# aptitude show openssh-blacklist
Package: openssh-blacklist
State: installed
Automatically installed: yes
Version: 0.1.1
Priority: extra
Section: net
Maintainer: Kees Cook <kees@outflux.net>
Uncompressed Size: 4194k
Recommends: openssh-client
Description: list of blacklisted OpenSSH RSA and DSA keys
Contains the list of known-bad OpenSSH keys, for ssh-vulnkeys to use
when
examining suspect keys.
Reply to: