Web lists-archives.com

binutils security support (Re: fixing debian-security-support upgrades from stretch (for good))

On Mon, May 13, 2019 at 02:17:46PM +0200, Marco d'Itri wrote:
> I strongly object to adding this package, and its dependency 
> gettext-base, to the transitive essential set.

I'll respond to this in a moment. (I agree but it just takes a bit
longer to respond to this.)

> I tried installing it (I had never heard of it before) and I see that it 
> immediately complains about the version of binutils currently in 
> unstable, so I also have serious doubts about the usefulness of 
> a security tool which will always report an alarm.

well, binutils *is* not covered by Debian's security support, and I
do agree that this is useful information this tool should provide.


(and yes, I also agree this is quite a desaster, just like
kde4libs/khtml only is suitable for trusted content, which IOW means,
one should not use konqueror or kmail on the interweb.)


       PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C

Attachment: signature.asc
Description: PGP signature