Bug#481960: openssh-blacklist: compressed with bzip2, breaks upgrade on dpkg <1.10.24

Mon, 19 May 2008 12:24:42 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Package: openssh-blacklist
Severity: grave

The 'openssh-blacklist' package is currently "questionably useful" on
older Debian systems.

Issue;
  1. With the security update, 'openssh-server' 1:4.3p2-9 now
     Depends: 'openssh-blacklist'.
  2. 'openssh-blacklist' 0.1.1 has been packaged with bzip2 compression
     (contains data.tar.bz2).
  3. Versions of 'dpkg-deb' below 'dpkg' <1.10.24 do not understand bzip2.
  4. Because of the hard dependency, a fixed 'openssh-server' does not
     get configured/restarted.

Example;
  (dpkg=1.10.21)

  $ sudo apt-get -f install
  ...
  Unpacking openssh-blacklist (from .../openssh-blacklist_0.1.1_all.deb) ...
  dpkg-deb: file `/var/cache/apt/archives/openssh-blacklist_0.1.1_all.deb' 
contains ununderstood data member data.tar.bz2    , giving up
  dpkg: error processing 
/var/cache/apt/archives/openssh-blacklist_0.1.1_all.deb (--unpack):
   subprocess dpkg-deb --fsys-tarfile returned error exit status 2

  $ sudo apt-get install openssh-server
  ...
  The following packages have unmet dependencies:
    openssh-server: Depends: openssh-blacklist but it is not going to be 
installed

Background;
  The 'openssh-blacklist' packages contains approximately 2*100k*80-bit hashes;
  around ~2MB of raw (effectively random) data.  This data is hex-encoded
  upto a larger uncompressed size of ~4MB (primarily containing '[0-9a-f\n]').

  Being a minimal-entropy (although sorted) data-set, there is little to
  be gained from the choice of compressor (+/-5%; entirely from hex 
de-expansion);
  aside from reduced compatibility.

Ideally the package would be revved and uploaded using gzip
compression, for compatilibity with long-standing previous
installations of Debian---which perhaps receive no updates except
for critical security issues.

        -Paul
- -- 
Why do one side of a triangle when you can do all three.  Somewhere, GB.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFIMdMpc444tukM+iQRAnHzAKCY4SKopHjjMt3EULyT286Y8BLZAgCeLX+v
06H03pGpfy23P7SoWFyltpA=
=tWOz
-----END PGP SIGNATURE-----





-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to