On Thu, Nov 14, 2019 at 05:19:03PM +0000, Holger Levsen wrote: > > And then it would be ideal to upload the package to unstable and then > file a SRM bug to update the package in stretch, in addition to > uploading to jessie. (Probably this should also result in a DLA, not > 100% sure though. Thoughts & comments definitly welcome.) >
Hi Holger, I am hesitant to file the bugs with the SRMs and to do the jessie upload. I merged the 2019.11.15 tag into the jessie and stretch branches. I also created a new buster branch from that tag. The buster update goes from 2019.06.13..2019.11.15_deb10u1, the stretch update from debian/2019.02.01_deb9u1..2019.11.15_deb9u1 and the jessie update from debian/2019.02.01_deb8u1..2019.11.15_deb8u1. The git diffs look sane. However, after building each of the packages and checking the debdiffs (against source packages downloaded with debsnap), the stretch and jessie packages I built seem to be inducing many more changes than those revealed by git diff. Before I go ahead with pushing changes to salsa, uploading to jessie, releasing a DLA, and filing bugs requesting approval to upload to buster and stretch, I'd like to make sure that I have gone about all of this in the right way. What is the best way to facilitate this? Should I fork debian-security-support and push my proposed changes there for you to review? Should I post source packages and debdiffs for review? Let me know how I should proceed. Regards, -Roberto -- Roberto C. Sánchez
