On Sat, Nov 29, 2008 at 07:04:10PM +0100, Laszlo Boszormenyi wrote: > Hi Sven, > > On Fri, 2008-11-28 at 23:06 +0100, Sven Joachim wrote: > > this bug really deserves a severity >= serious. All reverse > > dependencies of libneon25 will break after the upgrade, because the > > following files are in /usr/lib: > They will break only on partial upgrades. Full upgrades will upgrade > OpenOffice.org, Subversion and all packages that need neon. > My opinion is that transitional packages must remain as-is. Reasons: > - Debian is not obliged to support partial upgrades between releases (or > show me the relevant part of policy); thus this bugreport should be > closed.
I don't know in which project you are, but in Debian we have always supported partial upgrades between sequential releases. And it even if we wouldn't that doesn't excuse breaking other packages by pretending to fulfill their dependencies. Packages depending on libneon25 will simply stop working with the transitional packages. That makes them completly useless. > - neon v0.26.3 and after contains a security fix[1] which was not > backported to neon v0.25 . Also neon v0.25 does not have security > support anymore, will you provide it for the Lenny lifecycle? > - neon v0.25 is already more than three and half years old[2], there > were two API changes since then. Why do you want to keep it any > longer? neon v0.25 is not in lenny and nobody wants it there. There are no packages in lenny depending on neon v0.25. So nobody needs to support it for lenny. If it is not security-supportable in etch, is the security team available of that? That would need to be announced to our users, IMHO. > > Now I'm no expert in library packaging, but the only possible outcome of > > this mess seems that OpenOffice.org and other reverse dependencies of > > libneon25 will fail with "error while loading shared libraries: > > libneon25.so.25: cannot open shared object file: No such file or > > directory" after the /usr/lib/libneon.so.25* files have disappeared. > I repeat: this will happen only if someone does not do a full upgrade, > but a partial one. Normal upgrade paths will behave correctly. > > Here is my deal. Show me the policy reference that I must support > partial upgrades and present a gpg signed purpose that you will provide > security support for neon v0.25 during the Lenny stable release. Then I > will remove the transitional packages. Otherwise please close this > bugreport. Please fix this bug instead (I already gave you a patch even) and in the future please don't maintain libraries in Debian. Gruesse, -- Frank Lichtenheld <[EMAIL PROTECTED]> www: http://www.djpig.de/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
