On Tue, May 18, 2004 at 04:44:48PM -0300, Alexandre Oliva wrote: > On May 18, 2004, Rex Dieter <rdieter@xxxxxxxxxxxx> wrote: > > > Yes, exactly. In the case where that is not true, dist_tags are > > harmless, so this shouldn't be used as an argument against using them. > > Not *totally* harmless. > > Wasn't there a problem in the way old versions of rpm compared say > -1.foo with -1.1.foo? Yes, so avoid comparing numbers and letters. OTOH it affects rpms Versions up to RH8.0 w/o errata upgrades. So probably one can consider this a corner case. > If you use disttags, and you have to patch a package such that the > R number goes in between two R numbers that are already out, Why would you do that? Say you have foo-1.2.3-4 and foo-1.2.3-5 and the fix comes out, you suggest foo-1.2.3-4.1 and foo-1.2.3-5.1. Wouldn't that make foo-1.2.3-5, one of the versions with the security vulnerability overwrite the fixed version from foo-1.2.3-4.1? E.g. I have a secury FC3 and use an (outdated) FC4 installation medium to upgrade my system. Until I fire up the updater postinstallation my box is vulnerable. So it is better to reach for higher bumbs in these cases. There is nothing you can do, if the upstream version differs (other that doing the wrong thing, bumping epochs). > and you can't just append the build number at the end for the > reasons Axel already exposed, and you can't add `.number' before the > disttag, what do you do? As said, this is an old corner stone, and using dotted releases should be considered deprecated anyway. -- Axel.Thimm at ATrpms.net
Attachment:
pgpPYbcEC6YDZ.pgp
Description: PGP signature
