Bug#789256: cmus: Pulls in unwanted and potentially dangerous DECnet packages through libroar2
Jonas Smedegaard
dr at jones.dk
Sat Jun 20 18:25:44 UTC 2015
Quoting John Paul Adrian Glaubitz (2015-06-20 13:00:53)
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 06/20/2015 07:56 PM, Jonas Smedegaard wrote:
>>> I can't imagine that you cannot reproduce this on a clean
>>> install, I could reproduce it on all machines running at least
>>> Jessie.
>>
>> Please provide the command to reproduce _without_ --with-suggests
>> option enabled!
>
> Jonas, I think you need to re-read what I wrote. Currently libroar2 is
> a Recommends and _not_ a Suggests:
>
> glaubitz at ikarus:~$ apt-cache depends cmus | grep libroar2
> Recommends: libroar2
> glaubitz at ikarus:~$
I agree that cmus pulls in libroar2. Why is that dangerous?
> My elaborations regarding "--with-suggests" were regarding the case
> that Alessio would drop libroar2 from Recommends to Suggests.
If you mean to say that "--with-suggests" is irrelevant to discuss here,
then I agree: Use of special package install options should be
irrelevant when dicussing whether cmus is dangerously broken or not.
If you mean something else then please elaborate.
> Currently cmus is definitely getting stuck on a _fresh_ install, simply
> by installing with "apt-get install cmus".
On those systems where you experience cmus being stuck, is the package
"dnet-common" also installed (or was it ever)?
If so, you will need to figure out how that got installed, and I am
quite certain the cause is *not* cmus and therefore this bugreport
against cmus is bogus.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20150620/42e8b9a2/attachment.sig>
More information about the pkg-multimedia-maintainers
mailing list