Your message dated Wed, 24 Oct 2018 13:43:34 +0200 with message-id <[email protected]> and subject line Re: Bug#907835: newer version in stable has caused the Debian Bug report #907835, regarding newer version in stable to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 907835: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907835 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Source: xen Version: 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9 Severity: serious The version of the Xen packages in unstable and buster is lower than the one in Debian stretch. That seems highly irregular and will obviously break upgrades to buster. The reason this is marked as "serious" is because I consider this a "severe violation of Debian policy". This would be section 3 of the Debian policy, although it curiously does not explicitely state that versions between different suites should be incrementing. I still consider this a release critical bug and that new upstream packages should first be uploaded to unstable, unless there is a security issue (which is the case here) in which case they should be simultaneously uploaded to both suites. Thanks, A. -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing'), (1, 'experimental'), (1, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.17.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), LANGUAGE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---Control: fixed 907835 4.11.1~pre.20180911.5acdd26fdc+dfsg-5 On 9/26/18 4:22 PM, Ian Jackson wrote: > Antoine Beaupré writes ("Re: [Pkg-xen-devel] Bug#907835: newer version in > stable"): >> It's been two weeks and stable still has a newer version than unstable, >> which suffers from four security issues fixed in stable. >> >> I understand you might have other plans in the long term, but in the >> meantime, why not just upload deb9u10 to unstable? > > I went to do this but sadly, it no longer builds due to gcc8. There > are upstream patches that could be cherry-picked but it's certainly no > longer simply a matter of importing the security update. > > I am going to look at these failures since they are blocking my > package refactoring work and I expect that as an output I will produce > a list of upstream commits to cherry pick, which I will send to this > bug. Xen 4.11 has now transitioned to testing! \o/ So, the weird situation has been resolved. Hans
--- End Message ---
