Your message dated Mon, 19 May 2008 13:15:40 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#481960: openssh-blacklist: compressed with bzip2,
breaks upgrade on dpkg <1.10.24
has caused the Debian Bug report #481960,
regarding openssh-blacklist: compressed with bzip2, breaks upgrade on dpkg
<1.10.24
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
481960: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481960
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Package: openssh-blacklist
Severity: grave
The 'openssh-blacklist' package is currently "questionably useful" on
older Debian systems.
Issue;
1. With the security update, 'openssh-server' 1:4.3p2-9 now
Depends: 'openssh-blacklist'.
2. 'openssh-blacklist' 0.1.1 has been packaged with bzip2 compression
(contains data.tar.bz2).
3. Versions of 'dpkg-deb' below 'dpkg' <1.10.24 do not understand bzip2.
4. Because of the hard dependency, a fixed 'openssh-server' does not
get configured/restarted.
Example;
(dpkg=1.10.21)
$ sudo apt-get -f install
...
Unpacking openssh-blacklist (from .../openssh-blacklist_0.1.1_all.deb) ...
dpkg-deb: file `/var/cache/apt/archives/openssh-blacklist_0.1.1_all.deb'
contains ununderstood data member data.tar.bz2 , giving up
dpkg: error processing
/var/cache/apt/archives/openssh-blacklist_0.1.1_all.deb (--unpack):
subprocess dpkg-deb --fsys-tarfile returned error exit status 2
$ sudo apt-get install openssh-server
...
The following packages have unmet dependencies:
openssh-server: Depends: openssh-blacklist but it is not going to be
installed
Background;
The 'openssh-blacklist' packages contains approximately 2*100k*80-bit hashes;
around ~2MB of raw (effectively random) data. This data is hex-encoded
upto a larger uncompressed size of ~4MB (primarily containing '[0-9a-f\n]').
Being a minimal-entropy (although sorted) data-set, there is little to
be gained from the choice of compressor (+/-5%; entirely from hex
de-expansion);
aside from reduced compatibility.
Ideally the package would be revved and uploaded using gzip
compression, for compatilibity with long-standing previous
installations of Debian---which perhaps receive no updates except
for critical security issues.
-Paul
- --
Why do one side of a triangle when you can do all three. Somewhere, GB.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFIMdMpc444tukM+iQRAnHzAKCY4SKopHjjMt3EULyT286Y8BLZAgCeLX+v
06H03pGpfy23P7SoWFyltpA=
=tWOz
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
On Mon, May 19, 2008 at 08:21:04PM +0100, Paul Sladen wrote:
> The 'openssh-blacklist' package is currently "questionably useful" on
> older Debian systems.
> [snip]
> Unpacking openssh-blacklist (from .../openssh-blacklist_0.1.1_all.deb) ...
> dpkg-deb: file `/var/cache/apt/archives/openssh-blacklist_0.1.1_all.deb'
> contains ununderstood data member data.tar.bz2 , giving up
> dpkg: error processing
> /var/cache/apt/archives/openssh-blacklist_0.1.1_all.deb (--unpack):
> subprocess dpkg-deb --fsys-tarfile returned error exit status 2
That's a very old version of dpkg that doesn't support bzip2. If
openssh-blacklist is needed for such an old release, please fetch the
source, remove bzip2 from debian/rules and build it locally. The
space-savings is non-trivial, so bzip2 is going to stay the compression
method unless there is a more compelling reason to change it.
Sorry!
--
Kees Cook @outflux.net
--- End Message ---
