On Sun, Mar 13, 2016 at 02:26:26AM +0100, Aurelien Jarno wrote: > For historical reason, disk space on boot floppies, the libnss_dns.so.2 > and libnss_files.so.2 libraries are in separate udeb packages, namely > libnss-dns-udeb and libnss-files-udeb. This is not the case of the deb > package, where everything is in the libc6 package. > > In practice these libraries are really small by nowadays standards (22kB > and 47kB uncompressed), and moreover libnss-dns-udeb is already included > in all images. In addition these libraries are tightly coupled to the > libresolv library which is in libc6-udeb. The recent CVE-2015-7547 has > shown that, and Ubuntu hit a bug by having the two out of sync in their > installer [1]. We would have got the same if debian-installer was pulling > its udeb from debian-security. > > That's why I would like to propose to merge back libnss-dns-udeb and > libnss-files-udeb back into libc6-udeb. The idea is to make libc6-udeb > to provide them, it seems udpkg supports that. The only packages having > a dependency on libnss-files-udeb are espeakup-udeb, rdnssd-udeb, > open-iscsi and openssh-client-udeb, and none of them has a versioned > dependency. None of the udeb have a dependency on libnss-files-udeb. > > Any opinion on that?
It sounds like a good idea to me. :) Kind regards Philipp Kern
