[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Blockers of apt 0.6, not related to signature verification

On Sat, Feb 19, 2005 at 04:56:10PM +0100, Florian Weimer wrote:
> * Michael Vogt:
> > There are (AFAIK) no patches for gnome-apt, so it won't know about
> > signed repositories.

And what would be the way to deal with signatures? I only summarilly read
the discussion when support was put in, but I believe there were a few
corner cases which had to be carefully checked for in order for the
implementation to be secure.

> Speaking of gnome-apt, is it in a releasable state?  It claims it's
> stil alpha software.

It's rather beta now ;-) but I've left that message in due to the nasty
crasher you mention below.

> Even though it compiles cleanly against apt 0.6,
> it crashes with a bug box after an apparently successful partial
> upgrade.

Yup, reported quite a while ago.
At first I couldn't reproduce it. But I was on powerpc; after I got a x86
system on which I could use gnome-apt, I ran into it, too. And ISTR a
point last year where it happened even on ppc; I'd have to check if it
still does.

At any rate, I once did a traceback from within gdb once and the crash was
inside libapt. I've intended to do a debug build for libapt ever since but
never got around to it.

> But then, gnome-apt in unstable just hangs after an upgrade,
> and I'm not sure it's a regression.

It is a regression, it used to work fine -- with the limited functionality
which gnome-apt has.



"The only stupid question is the unasked one."
	-- Martin Schulze

Reply to: