>>>>> "Steve" == Steve Langasek <steve.langa...@canonical.com> writes:
Steve> I've therefore prepared and uploaded the attached patch to
Steve> mantic, which implements your option 1. I note you only
Steve> mentioned adding Breaks: against older libk5crypto3; a scan
Steve> of the binary packages showed many other reverse-dependencies
Steve> of libkrb5support0 using strlcpy and strlcat, so rather than
Steve> trusting that a Breaks: of libk5crypto3 would be enough to
Steve> force the upgrade together, I added explicit Breaks: against
Steve> all of these other packages.
I've applied your patch, adjusting the version number for the breaks for
Debian.
Including the strict binary dependency in symbols was clever, I would
not have thought of that.
I do think that breaking libk5crypto3 would have gotten many of the
other libraries transitively (as an example krb5-user depends strictly
on libkrb5-3, and libkrb5-3 has depended on the exact version of
libkrb5support0 for a while.
But your patch is more conservative, and that is best in this instance.
Thanks very much for your contribution.
