Control: reassign 846232 libopenvas-dev
Control: affects 846232 + libgpgme-dev
Control: tags 846232 + patch

Hi Adrian--

thanks for the heads-up!

On Tue 2016-11-29 07:57:28 -0500, Adrian Bunk wrote:
> Package: libgpgme-dev
> Version: 1.8.0-2
> Severity: serious
> Control: affects -1 libopenvas-dev
>
> libopenvas-dev depends on libgpgme11-dev (>=3D 1.1.2), to make libopenvas-dev
> installable again the Provides in libgpgme11-dev must be versioned.

hm, i'm not sure about this.  from debian policy 3.9.8.0,

file:///usr/share/doc/debian-policy/policy-1.html#s-virtual (§ 7.5)
says:

    If a relationship field has a version number attached, only real
    packages will be considered to see whether the relationship is
    satisfied (or the prohibition violated, for a conflict or
    breakage). In other words, if a version number is specified, this is
    a request to ignore all Provides for that package name and consider
    only real packages. The package manager will assume that a package
    providing that virtual package is not of the "right" version. A
    Provides field may not contain version numbers, and the version
    number of the concrete package which provides a particular virtual
    package will not be considered when considering a dependency on or
    conflict with the virtual package name.[52]

    [=E2=80=A6]

    [52] It is possible that a future release of dpkg may add the
         ability to specify a version number for each virtual package it
         provides. This feature is not yet present, however, and is
         expected to be used only infrequently.

So i think that the place to fix the problem is in libopenvas-dev,
right?  Please consider the attached patch.

Feel free to reassign back if you think that this analysis is wrong and
can help me see what the right evaluation is.

> Severity set RC, since this prevents testing migration of gpgme1.0

Agreed that this migration blocker is serious.

Regards,

       --dkg

From 5a82ee9d8562d5481a24dd651a2c0dd8ce7ffe32 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <d...@fifthhorseman.net>
Date: Wed, 30 Nov 2016 13:49:08 -0500
Subject: [PATCH] Use the new standard libgpgme-dev package

---
 INSTALL        | 2 +-
 debian/control | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/INSTALL b/INSTALL
index e699424..32d3a34 100644
--- a/INSTALL
+++ b/INSTALL
@@ -52,7 +52,7 @@ Recommended to have RADIUS support:
 
 Install prerequisites on Debian GNU/Linux 'Jessie' 8:
 # apt-get install dpkg-dev pkg-config libssh-dev libgnutls28-dev libglib2.0-dev \
-  libpcap-dev libgpgme11-dev uuid-dev bison libksba-dev libhiredis-dev \
+  libpcap-dev libgpgme-dev uuid-dev bison libksba-dev libhiredis-dev \
   libsnmp-dev libgcrypt20-dev libldap2-dev
 
 
diff --git a/debian/control b/debian/control
index 02e6cb8..2c8fc97 100644
--- a/debian/control
+++ b/debian/control
@@ -14,7 +14,7 @@ Build-Depends: debhelper (>= 9.20160709~),
                libgcrypt-dev,
                libglib2.0-dev (>= 2.32),
                libgnutls28-dev,
-               libgpgme11-dev (>= 1.1.2),
+               libgpgme-dev,
                libhiredis-dev (>=0.10.1),
                libksba-dev,
                libldap2-dev,
@@ -35,7 +35,7 @@ Depends: ${misc:Depends},
          libgcrypt-dev,
          libglib2.0-dev,
          libgnutls28-dev,
-         libgpgme11-dev (>= 1.1.2),
+         libgpgme-dev,
          libhiredis-dev (>=0.10.1),
          libksba-dev,
          libopenvas9 (= ${binary:Version}),
-- 
2.10.2

Attachment: signature.asc
Description: PGP signature

Reply via email to