Time to reply to myself again :)
I went silent in this thread since the end of January because I spent
time fuzzing 8 libraries + CLI front-ends of the DBM family, starting
with LMDB:
> > liblmdb* or libleveldb* are much less popular in popcon by_inst than
> > libdb, yeah...
> >
> >
> > Do we
Hi Adrian,
On 1/27/18 1:35 PM, Adrian Bunk wrote:
> On Sat, Jan 27, 2018 at 12:25:20PM +0100, Lionel Debroux wrote:
> > Hi Adrian,
>
> Hi Lionel,
>
> > On 1/27/18 6:27 AM, Adrian Bunk wrote:
> > ...
> > > There doesn't seem to be any disagreement on the general idea,
> > > the only thing missing
Hi David,
On 1/27/18 1:12 PM, David Kalnischkies wrote:
> On Fri, Jan 26, 2018 at 11:49:41PM +0100, Lionel Debroux wrote:
> > > Anyway, the only util in apt-utils making use of libdb is
> > > apt-ftparchive which a) isn't used much in Debian – but by some
> > > derivatives¹ and b) can operate
Replying to myself...
On 1/26/18 11:48 PM, Lionel Debroux wrote:
> Hi Scott,
>
> On 1/26/18 7:05 AM, Scott Kitterman wrote:
> > On Thursday, January 25, 2018 11:59:06 PM Lionel Debroux wrote:
> > >
> > > [...]
> > > ---
> > > Do you think we should start the journey of getting rid of
> > >
2018-01-27 13:53 GMT+01:00 David Kalnischkies :
> On Fri, Jan 26, 2018 at 12:24:26PM +0100, Miriam Ruiz wrote:
>> 2018-01-26 12:02 GMT+01:00 Colin Watson :
>> >> Finding someone performing the daunting task of actually switching code,
>> >> documentation
On Sat, Jan 27, 2018 at 01:53:54PM +0100, David Kalnischkies wrote:
>...
> I guess you can kill both birds with one stone if you go for a "write
> libdb-api-compatibility layer for your favorite other db", but that
> wouldn't really be a Debian task anymore. Without even thinking a split-
> second
On Sat, Jan 27, 2018 at 12:22:59PM +0100, Lionel Debroux wrote:
>...
> On 1/27/18 1:42 AM, Guillem Jover wrote:
> > On Thu, 2018-01-25 at 23:59:06 +0100, Lionel Debroux wrote:
> > > Several days ago, jmm from the security team suggested that I start
> > > a discussion on debian-devel about
On Fri, Jan 26, 2018 at 12:24:26PM +0100, Miriam Ruiz wrote:
> 2018-01-26 12:02 GMT+01:00 Colin Watson :
> >> Finding someone performing the daunting task of actually switching code,
> >> documentation and existing databases over on the other hand… I at least
> >> don't see me
On Sat, Jan 27, 2018 at 12:25:20PM +0100, Lionel Debroux wrote:
> Hi Adrian,
Hi Lionel,
> On 1/27/18 6:27 AM, Adrian Bunk wrote:
>...
> > There doesn't seem to be any disagreement on the general idea,
> > the only thing missing is a person doing the work on getting
> > all Debian packages ported
On Fri, Jan 26, 2018 at 11:49:41PM +0100, Lionel Debroux wrote:
> > Anyway, the only util in apt-utils making use of libdb is
> > apt-ftparchive which a) isn't used much in Debian – but by some
> > derivatives¹ and b) can operate without the backing of a db, but you
> > don't want to run a large
Hi Adrian,
On 1/27/18 6:27 AM, Adrian Bunk wrote:
> On Fri, Jan 26, 2018 at 11:49:41PM +0100, Lionel Debroux wrote:
> > ...
> > On 1/26/18 11:39 AM, David Kalnischkies wrote:
> > ...
> > > Finding someone performing the daunting task of actually switching
> > > code, documentation and existing
Hi Guillem,
On 1/27/18 1:42 AM, Guillem Jover wrote:
> On Thu, 2018-01-25 at 23:59:06 +0100, Lionel Debroux wrote:
> > Several days ago, jmm from the security team suggested that I start
> > a discussion on debian-devel about Berkeley DB, which has known
> > security issues, because doing so may
On Fri, Jan 26, 2018 at 11:49:41PM +0100, Lionel Debroux wrote:
>...
> On 1/26/18 11:39 AM, David Kalnischkies wrote:
>...
> > Finding someone performing the daunting task of actually switching
> > code, documentation and existing databases over on the other hand… I
> > at least don't see me
Hi!
On Thu, 2018-01-25 at 23:59:06 +0100, Lionel Debroux wrote:
> Several days ago, jmm from the security team suggested that I start a
> discussion on debian-devel about Berkeley DB, which has known security
> issues, because doing so may enable finding a consensus on how to move
> away from it
Hi,
On 1/26/18 11:39 AM, David Kalnischkies wrote:
> On Thu, Jan 25, 2018 at 11:59:06PM +0100, Lionel Debroux wrote:
> > In practice, Berkeley DB is a core component of most *nix distros.
> > Debian popcon indicates that libdb5.3 is installed on ~80% of the
> > computers which report to popcon.
>
Hi Scott,
On 1/26/18 7:05 AM, Scott Kitterman wrote:
> On Thursday, January 25, 2018 11:59:06 PM Lionel Debroux wrote:
> >
> > [...]
> > ---
> > Do you think we should start the journey of getting rid of libdb5.3
> > at a wide scale ? And if so, how to optimize resource usage in
> > general ? :)
Hi Timo,
On 1/26/18 12:21 PM, Timo Aaltonen wrote:
> On 26.01.2018 00:59, Lionel Debroux wrote:
> > ---
> > Do you think we should start the journey of getting rid of libdb5.3
> > at a wide scale ? And if so, how to optimize resource usage in
> > general ? :)
> > ---
>
> I asked 389-ds-base
Hi Marco,
On 1/26/18 1:46 AM, Marco d'Itri wrote:
> On Jan 25, Lionel Debroux wrote:
> > Several days ago, jmm from the security team suggested that I start
> > a discussion on debian-devel about Berkeley DB, which has known
> > security issues, because doing so may
Hi Ryan,
On 1/26/18 1:02 AM, Ryan Tandy wrote:
> On Thu, Jan 25, 2018 at 11:59:06PM +0100, Lionel Debroux wrote:
> > the vast majority of the ~170 reverse dependencies of libdb5.3
> > listed by `apt-cache rdepends libdb5.3` on sid will require (much)
> > more work to get rid of that dependency,
On 26.01.2018 00:59, Lionel Debroux wrote:
> ---
> Do you think we should start the journey of getting rid of libdb5.3 at a
> wide scale ? And if so, how to optimize resource usage in general ? :)
> ---
I asked 389-ds-base upstream about their plans, and got this draft plan
of getting rid of bdb
2018-01-26 12:02 GMT+01:00 Colin Watson :
>> Finding someone performing the daunting task of actually switching code,
>> documentation and existing databases over on the other hand… I at least
>> don't see me enthusiastically raising my arm crying "let me, let me, …".
>
> I
On Fri, Jan 26, 2018 at 11:39:29AM +0100, David Kalnischkies wrote:
> On Thu, Jan 25, 2018 at 11:59:06PM +0100, Lionel Debroux wrote:
> > In practice, Berkeley DB is a core component of most *nix distros.
> > Debian popcon indicates that libdb5.3 is installed on ~80% of the
> > computers which
On Thu, Jan 25, 2018 at 11:59:06PM +0100, Lionel Debroux wrote:
> In practice, Berkeley DB is a core component of most *nix distros.
> Debian popcon indicates that libdb5.3 is installed on ~80% of the
> computers which report to popcon.
I wonder how many of this ~80% is only due to having
On Thursday, January 25, 2018 11:59:06 PM Lionel Debroux wrote:
> Hi,
>
> Several days ago, jmm from the security team suggested that I start a
> discussion on debian-devel about Berkeley DB, which has known security
> issues, because doing so may enable finding a consensus on how to move
> away
On Jan 25, Lionel Debroux wrote:
> Several days ago, jmm from the security team suggested that I start a
> discussion on debian-devel about Berkeley DB, which has known security
> issues, because doing so may enable finding a consensus on how to move
Can you clarify the
On Thu, Jan 25, 2018 at 11:59:06PM +0100, Lionel Debroux wrote:
the vast majority of the ~170 reverse dependencies of libdb5.3 listed by
`apt-cache rdepends libdb5.3` on sid will require (much) more work to
get rid of that dependency, with impact on backwards compatibility...
Among those
Hi,
Several days ago, jmm from the security team suggested that I start a
discussion on debian-devel about Berkeley DB, which has known security
issues, because doing so may enable finding a consensus on how to move
away from it in Debian (which is hard). So here's a post :)
Please keep me
27 matches
Mail list logo