Hi, On 2020-08-23 17:06, Sebastian Ramacher wrote: > On 2020-08-23 13:37:42 +0200, Aurelien Jarno wrote: > > Package: release.debian.org > > Severity: normal > > X-Debbugs-Cc: [email protected], [email protected] > > > > Dear release team, > > > > Back in December we moved libcrypt.so.1 from the libc6 package to the > > libcrypt1 package, which is built from the libxcrypt source package. > > libcrypt will eventually get removed from glibc upstream, this will > > allow faster development independently from glibc. > > > > As the ABI is compatible the "transition" has been transparent, libc6 > > depending on libcrypt1, and libc6-dev depending on libcrypt-dev. > > However it would be good to rebuild the affected packages: > > - They will get a direct dependency on libcrypt1. That would open the > > possibility to remove the libc6 dependency on libcrypt1 in bookworm. > > That would also allow to identify the affected packages to remove the > > libc6-dev dependency on libcrypt-dev, or to handle a possible ABI > > transition. > > - They might start using additional functionalities (e.g. hashing > > algorithms) provided by libcrypt1. > > > > Many packages have already been rebuilt against libxcrypt due to source > > uploads or unrelated binNMUs. We are now down to less than 80 affected > > packages on amd64, so it's probably acceptable to start binNMUing them. > > > > You will find the list below. It has been computed on amd64 only as it's > > a long operation involving unpacking all the packages in the archive and > > checking all the binaries they contains. As the change has been > > introduced at the same time on all architectures, I believe the same > > binNMUs are need for all of them, and anyway we need to keep them in > > sync for multiarch libraries. Once we have been able to get all of the > > packages fixed on amd64, I'll also check the other architectures to see > > if some of them have been missed.
[snip]
> Scheduled binNMUs on all architectures.
Thanks for scheduling the binNMUs. We are down to the following list in
sid/amd64:
apr_1.6.5-1
=> The dependency are not installable, I filled #969065.
apr-util_1.6.1-4
=> The dependency are not installable, I filled #969064.
cernlib_20061220+dfsg3-4.4
=> FTBFS due to #957080, not in testing
fgetty_0.7-6
=> It got rebuilt fine and got correctly linked against the new
libcrypt.so.1. However it's not reflected in the dependencies as the
package doesn't use ${shlibs:Depends}. I filled #969063.
francine_0.99.8+orig-2
=> FTBFS due to #957226, not in testing
gadmin-proftpd_1:0.4.2-1
=> FTBFS due to #957248, not in testing
gadmin-rsync_0.1.7-1
=> FTBFS due to #957250, not in testing
gauche_0.9.6-10
=> FTBFS due to #957256, not in testing
gauche-c-wrapper_0.6.1-11
=> FTBFS due to #925691, not in testing
geant321_1:3.21.14.dfsg-11
=> FTBFS due to #957263, not in testing
gridengine_8.1.9+dfsg-9
=> FTBFS due to #957310, not in testing
mclibs_20061220+dfsg3-3.1
=> FTBFS due to #957522, not in testing
mysql-5.7_5.7.26-1
=> FTBFS due to #969115, not in testing
netatalk_3.1.12~ds-4
=> FTBFS due to #957590, not in testing
pam_1.3.1-5
=> FTBFS due to #956355
paw_1:2.14.04.dfsg.2-9.1
=> FTBFS due to #957665, not in testing
quagga_1.2.4-4
=> FTBFS due to #957737, not in testing
In short the affected ones that are also in testing are:
apr_1.6.5-1
apr-util_1.6.1-4
fgetty_0.7-6
pam_1.3.1-5
I'll track them to see if they get fixed or removed.
Regards,
Aurelien
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
[email protected] http://www.aurel32.net
signature.asc
Description: PGP signature
