-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Package: openssh-blacklist Severity: grave
The 'openssh-blacklist' package is currently "questionably useful" on older Debian systems. Issue; 1. With the security update, 'openssh-server' 1:4.3p2-9 now Depends: 'openssh-blacklist'. 2. 'openssh-blacklist' 0.1.1 has been packaged with bzip2 compression (contains data.tar.bz2). 3. Versions of 'dpkg-deb' below 'dpkg' <1.10.24 do not understand bzip2. 4. Because of the hard dependency, a fixed 'openssh-server' does not get configured/restarted. Example; (dpkg=1.10.21) $ sudo apt-get -f install ... Unpacking openssh-blacklist (from .../openssh-blacklist_0.1.1_all.deb) ... dpkg-deb: file `/var/cache/apt/archives/openssh-blacklist_0.1.1_all.deb' contains ununderstood data member data.tar.bz2 , giving up dpkg: error processing /var/cache/apt/archives/openssh-blacklist_0.1.1_all.deb (--unpack): subprocess dpkg-deb --fsys-tarfile returned error exit status 2 $ sudo apt-get install openssh-server ... The following packages have unmet dependencies: openssh-server: Depends: openssh-blacklist but it is not going to be installed Background; The 'openssh-blacklist' packages contains approximately 2*100k*80-bit hashes; around ~2MB of raw (effectively random) data. This data is hex-encoded upto a larger uncompressed size of ~4MB (primarily containing '[0-9a-f\n]'). Being a minimal-entropy (although sorted) data-set, there is little to be gained from the choice of compressor (+/-5%; entirely from hex de-expansion); aside from reduced compatibility. Ideally the package would be revved and uploaded using gzip compression, for compatilibity with long-standing previous installations of Debian---which perhaps receive no updates except for critical security issues. -Paul - -- Why do one side of a triangle when you can do all three. Somewhere, GB. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFIMdMpc444tukM+iQRAnHzAKCY4SKopHjjMt3EULyT286Y8BLZAgCeLX+v 06H03pGpfy23P7SoWFyltpA= =tWOz -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]