Control: reassign 846232 libopenvas-dev Control: affects 846232 + libgpgme-dev Control: tags 846232 + patch
Hi Adrian--
thanks for the heads-up!
On Tue 2016-11-29 07:57:28 -0500, Adrian Bunk wrote:
> Package: libgpgme-dev
> Version: 1.8.0-2
> Severity: serious
> Control: affects -1 libopenvas-dev
>
> libopenvas-dev depends on libgpgme11-dev (>=3D 1.1.2), to make libopenvas-dev
> installable again the Provides in libgpgme11-dev must be versioned.
hm, i'm not sure about this. from debian policy 3.9.8.0,
file:///usr/share/doc/debian-policy/policy-1.html#s-virtual (§ 7.5)
says:
If a relationship field has a version number attached, only real
packages will be considered to see whether the relationship is
satisfied (or the prohibition violated, for a conflict or
breakage). In other words, if a version number is specified, this is
a request to ignore all Provides for that package name and consider
only real packages. The package manager will assume that a package
providing that virtual package is not of the "right" version. A
Provides field may not contain version numbers, and the version
number of the concrete package which provides a particular virtual
package will not be considered when considering a dependency on or
conflict with the virtual package name.[52]
[=E2=80=A6]
[52] It is possible that a future release of dpkg may add the
ability to specify a version number for each virtual package it
provides. This feature is not yet present, however, and is
expected to be used only infrequently.
So i think that the place to fix the problem is in libopenvas-dev,
right? Please consider the attached patch.
Feel free to reassign back if you think that this analysis is wrong and
can help me see what the right evaluation is.
> Severity set RC, since this prevents testing migration of gpgme1.0
Agreed that this migration blocker is serious.
Regards,
--dkg
From 5a82ee9d8562d5481a24dd651a2c0dd8ce7ffe32 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <d...@fifthhorseman.net>
Date: Wed, 30 Nov 2016 13:49:08 -0500
Subject: [PATCH] Use the new standard libgpgme-dev package
---
INSTALL | 2 +-
debian/control | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/INSTALL b/INSTALL
index e699424..32d3a34 100644
--- a/INSTALL
+++ b/INSTALL
@@ -52,7 +52,7 @@ Recommended to have RADIUS support:
Install prerequisites on Debian GNU/Linux 'Jessie' 8:
# apt-get install dpkg-dev pkg-config libssh-dev libgnutls28-dev libglib2.0-dev \
- libpcap-dev libgpgme11-dev uuid-dev bison libksba-dev libhiredis-dev \
+ libpcap-dev libgpgme-dev uuid-dev bison libksba-dev libhiredis-dev \
libsnmp-dev libgcrypt20-dev libldap2-dev
diff --git a/debian/control b/debian/control
index 02e6cb8..2c8fc97 100644
--- a/debian/control
+++ b/debian/control
@@ -14,7 +14,7 @@ Build-Depends: debhelper (>= 9.20160709~),
libgcrypt-dev,
libglib2.0-dev (>= 2.32),
libgnutls28-dev,
- libgpgme11-dev (>= 1.1.2),
+ libgpgme-dev,
libhiredis-dev (>=0.10.1),
libksba-dev,
libldap2-dev,
@@ -35,7 +35,7 @@ Depends: ${misc:Depends},
libgcrypt-dev,
libglib2.0-dev,
libgnutls28-dev,
- libgpgme11-dev (>= 1.1.2),
+ libgpgme-dev,
libhiredis-dev (>=0.10.1),
libksba-dev,
libopenvas9 (= ${binary:Version}),
--
2.10.2
signature.asc
Description: PGP signature
