Package: sane-utils Version: 1.1.1-1 saned is a daemon used to share scanners over the networks.
This belongs in its own package. Users should be able to install and run the other command-line utilities - in particular, scanimage - without installing saned (even if it is disabled). This is analogous to cupsd, which is provided in a separate package from the rest of CUPS. As with any daemon, there is an attack surface with saned*. Also note that there are Debian-based containers which make use of scanimage but not saned, and these could benefit from splitting it. I would suggest this be achieved as follows: 1) move all files related to saned out of "sane-utils", and into a new package named "sane-dameon"; 2) move all remaining files out of "sane-utils", and into a new package named "libsane-utils"; 3) retain "sane-utils" as a virtual package that depends on both packages above, to ensure upgrades work as expected. Thank you, David * https://www.debian.org/lts/security/2017/dla-940.en.html
