[OTR-dev] 4.0.0-rc3 ready to roll. Please try it out!
Jacob Appelbaum
jacob at appelbaum.net
Mon Oct 1 13:35:06 EDT 2012
Thibaut VARENE:
> On Mon, Oct 1, 2012 at 7:24 PM, Paul Wouters <paul at cypherpunks.ca> wrote:
>> On Mon, 1 Oct 2012, Thibaut VARENE wrote:
>>
>>> I'm about to upload pidgin-otr 4.0.0 to debian unstable, and it
>>
>>
>> debian already ships libotr-4? Did they add a libotr3 package? Did
>
> libotr5, per soname.
>
>> other OTR software get ported to 4.x already? Or will it just break?
>
> libotr5 has been in experimental for a month now. If packages haven't
> been updated, they'll break, since libotr5 conflicts with libotr2.
> They'll need a rebuild against the new library package anyway.
>
I think this has already been discussed but...
I think this is a rather terrible idea without hearing from most, if not
all, of the app developers.
I'd suggest that libotr2 and libotr5 are both in the archive and that
they *conflict* as Debian packages. We should try to convince the
developers to release new versions but if they can't or don't - an older
libotr2 package shouldn't simply revert all communications to plaintext.
A broken package will probably cause that kind of issue and that is
_far_ worse than OTRv3 handshakes...
Is there a list of packages that will be broken by this change? Has
anyone reached out to those developers?
All the best,
Jake
More information about the OTR-dev
mailing list