grml-btnet is pulling in inappropriate packages on install
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
grml-btnet (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: grml-btnet
This package is just to configure a Bluetooth Access Point. I am attempting to install it on a router. Avahi, cups, sound, gstreamer, fonts, graphics, etc are all inappropriate. Adding Bluetooth is a communications protocol only! Adding support for specialized stuff over and above the network must be added to specialized packages, not the main package. I need this package to add Bluetooth Access Point for phones to use to route Internet traffic (i.e. data traffic for email, web browsing, etc). This is not a desktop technology!
All these unnecessary services are all potential seeds for security breaches.
Please correct.
# apt-get install grml-btnet
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
avahi-daemon avahi-utils bc bluetooth bluez-alsa bluez-cups bluez-gstreamer
bluez-utils bridge-utils cups cups-client cups-common cups-driver-
cupsddk cupsddk-drivers defoma fontconfig-config foomatic-db
foomatic-
gsfonts hpijs hplip hplip-cups hplip-data ipcalc libasound2 libavahi-client3
libavahi-
libavahi-core6 libcups2 libcupsimage2 libdaemon0 libexif12 libfontconfig1
libfontenc1 libgphoto2-2 libgphoto2-port0 libgs8
libgstreamer-
libieee1284-3 libijs-0.35 libjpeg62 liblcms1 libltdl7 libnss-mdns
libpaper-utils libpaper1 libperl5.10 libpng12-0 libpolkit-dbus2
libpolkit-grant2 libpoppler5 libsane libsensors3 libslp1 libsnmp-base
libsnmp15 libsysfs2 libtiff4 libv4l-0 libxfont1 min12xxw pnm2ppa policykit
poppler-utils psfontmgr python-imaging sane-utils ssl-cert ttf-dejavu
ttf-dejavu-core ttf-dejavu-extra ttf-freefont update-inetd x-ttcidfont-conf
xfonts-encodings xfonts-utils
Suggested packages:
avahi-autoipd cups-bsd xpdf-korean xpdf-japanese xpdf-chinese-
xpdf-
gutenprint-doc gutenprint-locales defoma-doc dfontmgr libft-perl foo2zjs
splix m2300w pxljr openprinting-ppds openprinting-
foomatic-db-hpijs foomatic-
hpijs-ppds hplip-doc hplip-gui libasound2-plugins gphoto2 gtkam
libvisual-
gstreamer0.
lm-sensors slpd openslp-doc magicfilter apsfilter policykit-gnome
python-
The following NEW packages will be installed:
avahi-daemon avahi-utils bc bluetooth bluez-alsa bluez-cups bluez-gstreamer
bluez-utils bridge-utils cups cups-client cups-common cups-driver-
cupsddk cupsddk-drivers defoma fontconfig-config foomatic-db
foomatic-
grml-shlib gsfonts hpijs hplip hplip-cups hplip-data ipcalc libasound2
libavahi-client3 libavahi-
libavahi-
libexif12 libfontconfig1 libfontenc1 libgphoto2-2 libgphoto2-port0 libgs8
libgstreamer-
libieee1284-3 libijs-0.35 libjpeg62 liblcms1 libltdl7 libnss-mdns
libpaper-utils libpaper1 libperl5.10 libpng12-0 libpolkit-dbus2
libpolkit-grant2 libpoppler5 libsane libsensors3 libslp1 libsnmp-base
libsnmp15 libsysfs2 libtiff4 libv4l-0 libxfont1 min12xxw pnm2ppa policykit
poppler-utils psfontmgr python-imaging sane-utils ssl-cert ttf-dejavu
ttf-dejavu-core ttf-dejavu-extra ttf-freefont update-inetd x-ttcidfont-conf
xfonts-encodings xfonts-utils
0 upgraded, 86 newly installed, 0 to remove and 0 not upgraded.
Need to get 43.4MB of archives.
After this operation, 149MB of additional disk space will be used.
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.