Advice needed: update-manager in wheezy considered dangerous
Julian Andres Klode
jak at debian.org
Mon Mar 11 23:42:45 UTC 2013
Dear release team, I report this problem as we have switched our package management
stack in wheezy from update-manager and other components to PackageKit. Those
old components are still in wheezy however, and especially update-manager can
be considered to be horribly dangerous: It might break systems or contain extreme
security issues as it has not seen someone really care about it since 2 years.
We cannot simply remove update-manager however, as there are reverse
dependencies. The most important ones appear to be:
* upgrade-system
* update-notifier
We could simply drop upgrade-system from testing. For update-notifier, we cannot
do this, as update-notifier-kde depends on update-notifier-common, and there are
no other notifiers for KDE AFAIK. I could however upload an empty update-notifier
package (for GNOME) that switches the user to the PackageKit notifier, thus
removing that reverse dependency.
Summary of the proposed solution:
1. Remove upgrade-system from testing
2. Replace update-notifier binary package with a package transitioning
users to gnome-packagekit
3. Remove update-manager from testing or transition users to PackageKit
Please let me know what you think, and if I missed something.
PS: Yes, I know that we're late in freeze, but I feel that we should not have
that package in a stable release.
PPS: Please keep me CCed (and maybe pkg-gnome-maintainers as well)
--
Julian Andres Klode - Debian Developer, Ubuntu Member
See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20130312/47b4e339/attachment.pgp>
More information about the pkg-gnome-maintainers
mailing list