On Sun, Jan 16, 2000 at 05:42:53PM +1100, Hamish Moffatt wrote: > On Sat, Jan 15, 2000 at 12:06:25PM +0100, Thierry Laronde wrote: > > Is there any plan to add some debian-qa fields to handle the packages > > removed > > or withdrawned, so that the user know why he can't find anymore some > > package | > > can't upgrade | is strongly suggested to remove it for security reasons. > > I don't think anybody has been working on this or talked about it. > These packages show up as 'obselete' in dselect and usually it is > safe to keep them installed unless they cause conflicts. [..] > > But as you point out, it doesn't let us tell the user that they should > remove the package for security reasons. It might be possible to do this > without modifying all the tools; perhaps a special package (of priority > required or standard or similar) could conflict with any packages which > should be removed?
Well, this is an interesting solution which, as you say, could be implemented without disruption. Perhaps can it be combined with my proposal of an extra-file ( Stake.gz), that would not be cached, and that would allow a kind of automatic security alert when one uses dselect or apt-get in a remote mode. Packages.gz would be an unmodified file since the release, and the modifications would be handle by this supplementary file. Cheers, -- Thierry LARONDE [EMAIL PROTECTED] website : http://www.polynum.com
