Bug#914009: libgcrypt20: not tight enough shlibs file
Samuel Thibault
sthibault at debian.org
Sun Nov 18 12:48:43 GMT 2018
Source: libgcrypt20
Version: 1.8.4-3
Severity: important
Hello,
debian/rules uses:
dh_makeshlibs -V 'libgcrypt20 (>=1.8.0-0)'
But that is not tight enough. Applications would typically call
gcry_check_version (GCRYPT_VERSION)
which will check the version which was used at the compilation time of
the application, thus requiring whatever version of libgcrypt was
installed at the time. The shlibs mentioned above allows to install an
earlier version of the package, but then the application crashes with
libgcrypt version mismatch
so the dependency is not tight enough, debian/rules should be using the
upstream version instead of hardcoding 1.8.0-0
Samuel
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
--
Samuel
I develop for Linux for a living, I used to develop for DOS.
Going from DOS to Linux is like trading a glider for an F117.
(By entropy at world.std.com, Lawrence Foard)
More information about the Pkg-gnutls-maint
mailing list