Samuli Suonpaa <[EMAIL PROTECTED]> wrote: >After Werner Koch posted a small security patch for GnuPG 1.0.4 in >gnupg-announce I decided it's time to compile gnupg from sources. >Using Potato, I already had version 1.0.4 in use. > >Using "apt-get source gnupg" I fetched the most current sources, >applied the patch and built gnupg_1.0.4-1_i386.deb, which I then >installed. Everything seemed to work fine until I - a few days later - >told apt-get to upgrade my packages. For some reason, it decided I >needed the newest gnupg, gnupg_1.0.4-1_i386.deb and installed >it. After I noticed what had happenes, I - again - installed the .deb >I had compiled and now apt-get wants to upgrade it again.
Yep, apt does magic to discourage accidents from happening (e.g. if you file a bug against a package with some of your own patches then it really should have a different version number, or else the maintainer doesn't know that you've made your own changes [1]). When you make changes yourself, edit debian/changelog and add a new entry at the top with a slightly higher version number, but not too much higher so that you still get real upgrades: in your case, usually something like 1.0.4-1.1 or 1.0.4-1.0.1 is a good idea. [1] At least, that's one plausible rationale that I can think of. -- Colin Watson [EMAIL PROTECTED]
