[hardening-discuss] Bug#535037: Missing conflicts violates a must directive from policy 3.9
Helge Kreutzmann
debian at helgefjell.de
Wed Nov 25 15:00:10 UTC 2009
severity 535037 serious
thanks
I ran into this bug as well and this is definitly *not* a wishlist
bug. (And while the real problem is solved, it can easily be worked
around by using "Conflicts").
Please see the following paragraph from policy (emphasis mine):
All packages which supply an instance of a common command name (or, in
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
general, filename) should generally use update-alternatives, so that they
~~~~~~~~ ~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~
may be installed together. If update-alternatives is not used, then each
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
package *must* use Conflicts to ensure that other packages are de-installed.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(In this case, it may be appropriate to specify a conflict against earlier
versions of something that previously did not use update-alternatives;
this is an exception to the usual rule that versioned conflicts should be
avoided.)
--
Dr. Helge Kreutzmann debian at helgefjell.de
Dipl.-Phys. http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
Help keep free software "libre": http://www.ffii.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/hardening-discuss/attachments/20091125/9cb7ac16/attachment.pgp>
More information about the hardening-discuss
mailing list