I have a few questions about your debian archives which I would appreciate your finding the time to answer. This issue has puzzled me for a long time and I've finally decided to get to the bottom of the mystery.
Did you know your site has multiple versions of identically named debian packages? What is the function and purpose of the different versions and why do they have the same name?
Unless I'm missing something, at best this seems confusing and misleading, and bad policy. For one thing, I (and perhaps others) hope to use all the checksums for an added measure of security. Having multiple versions of packages is problematic in that respect, because it muddies the waters and makes automatic checking, using the checksums, difficult to impossible (especially for cases like bugzilla, where the versions differ even for the security updates).
On the other hand, if the purpose of the checksum is, as I had presumed, to uniquely identify package files, and if it is therefore *intended* to support my effort to use the checksums for security purposes, including automatic integrity checking, then this implies that there are problems with the following packages:
eeecdf87dc2cdc4fdf647c1ee869f089 ./debian/pool/main/b/bugzilla/bugzilla-doc_2.14.2-0woody4_all.deb e5a29f1080514b0a2d4f67089b33684d ./debian/pool/main/b/bugzilla/bugzilla_2.14.2-0woody4_all.deb ef08e1d090904b2a5c4ee7922a4dfb82 ./debian-security/pool/updates/main/b/bugzilla/bugzilla-doc_2.14.2-0woody4_all.deb af4eb24523d99a3cc0b334bf2914621a ./debian-security/pool/updates/main/b/bugzilla/bugzilla_2.14.2-0woody4_all.deb
37397d1efd3cc573675b303244b3ee71 ./debian/pool/main/p/postgresql-7.4/libpq3_7.4.7-2_i386.deb f8497089698e3127152034b7bec97324 ./debian/pool/main/p/postgresql/libpq3_7.4.7-2_i386.deb
5198221164c9193e937b7fa6fc0cc73c ./debian-security/pool/updates/main/v/vbox3/vbox3_0.1.7.1_i386.deb bb9a8a71d32904d51394c300b75111b7 ./debian/pool/main/v/vbox3/vbox3_0.1.7.1_i386.deb
5149e1dbfed225372c3eeb218b85b055 ./debian-marillat/dists/stable/main/binary-i386/libdts-dev_0.0.2-svn-1_i386.deb 821b2fc02375de2d45f025a629af29c4 ./debian/pool/main/libd/libdts/libdts-dev_0.0.2-svn-1_i386.deb
(The later is mentioned because it's unclear which web site has the correct version.)
Marty
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
