Ubuntu
openoffice.org package

New upstream version of openoffice.org in hardy-security

Bug #310359 reported by Emanuel Steen
4
Affects Status Importance Assigned to Milestone
openoffice.org (Ubuntu)
Invalid
Undecided
Unassigned
openoffice.org-l10n (Ubuntu)
Fix Released
Undecided
Jamie Strandboge

Bug Description

Binary package hint: openoffice.org

The "openoffice.org" source package has three different versions in hardy:
 release, 1:2.4.0-3ubuntu6
 security, 1:2.4.1-1ubuntu2.1
 updates, 1:2.4.1-1ubuntu2.1

The "openoffice.org-l10n" source package has two versions in hardy:
 release, 1:2.4.0-3ubuntu1
 updates, 1:2.4.1-1ubuntu2

The "openoffice.org-l10n" packages doesn't seem to be compatible to openoffice.org 2.4.1, as an example the package "openoffice.org-l10n-sv" has the following property.
Conflicts: openoffice.org-core (>= 1:2.4.0.1), openoffice.org-core (<< 1:2.4.0), openoffice.org2-l10n-sv

This means that a hardy system that doesn't have hardy-updates enabled but only hardy-security can't upgrade openoffice.org without removing all language support for openoffice (the packages generated by "openoffice.org-l10n"). Version 2.4.1 of openoffice requires 2.4.1 version of the language support. An upgrade of openoffice from the security archive will then try to remove all of those packages.

The simple solution for this is to simply build "openoffice.org-l10n" with the same upstream version of openoffice.org as already included in hardy-security and also include this package in hardy-security. However, this doesn't feel like however the ideal solution as we want to keep security as small as possible and only change the packages that actually needs the security fix. In my opinion no upgrade in security should be incompatible with old packages in the system, i.e. should not change the ABI, but that is probably not possible in all situations. Actually, is seems rather strange to include a new upstream version of an application in a system that doesn't have updates enabled. Is the solution to have two separate security repositories, one for systems without updates enabled and one for system with updates enabled?

Anyway, a simple rebuild of "openoffice.org-l10n" should be ok for now so users can upgrade their systems. But for upcoming releases I think the architecture for security updates should be reviewed.

Jamie Strandboge (jdstrand)
Changed in openoffice.org:
status: New → Invalid
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for using Ubuntu and taking the time to report a bug. I'll get the fix for this uploaded soon.

Changed in openoffice.org-l10n:
assignee: nobody → jdstrand
status: New → In Progress
Jamie Strandboge (jdstrand)
Changed in openoffice.org-l10n:
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openoffice.org-l10n - 1:2.4.1-1ubuntu2.1

---------------
openoffice.org-l10n (1:2.4.1-1ubuntu2.1) hardy-security; urgency=low

  * no change rebuild for hardy-security. This makes openoffice.org-l10n
    packages installable again for people with only -security enabled.
    (LP: #310359)

 -- Jamie Strandboge <email address hidden> Mon, 22 Dec 2008 07:17:48 -0600

Changed in openoffice.org-l10n:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.