[Pkg-db-devel] libdb-dev considered harmful
Florian Weimer
fw at deneb.enyo.de
Sat Oct 6 11:17:36 UTC 2007
I don't like the package at all. Here's the scenario I'm particularly
worried about: Suppose we release a security update for lenny, and the
package build-depends on libdb-dev. The package in the archive has been
build last against Berkeley DB 4.6, but in the meantime, a new Berkeley
DB release occurred, and a new db package has been uploaded. As a
result, the security update will be built against Berkeley DB 4.7, with
unknown results.
If the plan is to rebuild all packages depending on an older version of
Berkeley DB before a newer one can hit testing, this issue does not show
up. But I'm not sure if this is really the way to go.
More information about the Pkg-db-devel
mailing list