On Sun, 11 Jan 2026 13:28:03 +0530, Abhijith PA <[email protected]> wrote: > On 10/01/26 07:24 PM, Stephen Kitt wrote: > > On Sat, 10 Jan 2026 18:06:43 +0530, Abhijith PA <[email protected]> > > wrote: > > > On 09/01/26 06:00 PM, Stephen Kitt wrote: > > > > Version: 2.8-1 > > > > > > > > Hi Adi, > > > > > > > > On Fri, 9 Jan 2026 16:35:05 +0100, Adi Kriegisch <[email protected]> > > > > wrote: > > > > > a recent security upgrade for bullseye (version 2.5-4~deb11u1) > > > > > backported the issue to bullseye as well. All versions above 2.5 do > > > > > have the issue fixed; I'm trying to tag the issue accordingly. > > > > > > > > That’s unfortunate — Abhijith, the security update in bullseye broke > > > > the package in a few important use-cases... > > > > > > Thanks for reporting. That's indeed unfortunate, I released > > > 2.5-4~deb11u1 in bullseye. Can you let me know more about the > > > regression. I gone through bug report and I see that you are > > > going to make a release via backports.debian.org. I am happy to > > > backport it to bullseye|oldoldstable. > > > > I don’t have more info than what’s already in the bug report; the upstream > > release notes only say “fixed numerous bugs” in relation to this and I > > never found any corresponding bug in the upstream tracker. > > ACK. So just to be clear, version 2.5-4~deb11u1 doesn't made in > regression but backported to a buggy version 2.5 from 2.1. ?
I’m not sure what you mean, sorry. > > I’m not *going* to make a release via backports.debian.org, I did so in > > August 2024, backporting version 2.9. Feel free to backport that to > > bullseye, I think that’s best. > > OK. I can't backport 2.9 to bullseye as bookworm is in 2.5 . I think > we have to do an Old Stable Proposed Update for bookworm first and the > update same in bullseye. I guess we have to let stable release > managers know about the situation. Another option is to use the same technique as Tobias Frost with version 2.0+really2.5-4+deb10u1... Regards, Stephen
pgpB88Gf3Yuwl.pgp
Description: OpenPGP digital signature
