Hi Sven, On Fri, 2008-11-28 at 23:06 +0100, Sven Joachim wrote: > this bug really deserves a severity >= serious. All reverse > dependencies of libneon25 will break after the upgrade, because the > following files are in /usr/lib: They will break only on partial upgrades. Full upgrades will upgrade OpenOffice.org, Subversion and all packages that need neon. My opinion is that transitional packages must remain as-is. Reasons: - Debian is not obliged to support partial upgrades between releases (or show me the relevant part of policy); thus this bugreport should be closed. - neon v0.26.3 and after contains a security fix[1] which was not backported to neon v0.25 . Also neon v0.25 does not have security support anymore, will you provide it for the Lenny lifecycle? - neon v0.25 is already more than three and half years old[2], there were two API changes since then. Why do you want to keep it any longer?
> Now I'm no expert in library packaging, but the only possible outcome of > this mess seems that OpenOffice.org and other reverse dependencies of > libneon25 will fail with "error while loading shared libraries: > libneon25.so.25: cannot open shared object file: No such file or > directory" after the /usr/lib/libneon.so.25* files have disappeared. I repeat: this will happen only if someone does not do a full upgrade, but a partial one. Normal upgrade paths will behave correctly. Here is my deal. Show me the policy reference that I must support partial upgrades and present a gpg signed purpose that you will provide security support for neon v0.25 during the Lenny stable release. Then I will remove the transitional packages. Otherwise please close this bugreport. Regards, Laszlo/GCS [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0157 [2] http://www.webdav.org/neon/history.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
