On Fri, Mar 06, 2015 at 12:10:47PM +0100, Niels Thykier wrote: > On 2015-03-06 11:58, Jonas Smedegaard wrote:
> > Additionally, the fix for #770767 is believed to also fix applying all > > default security-strengthening compiler flags for arch-any packages that > > uses a CDBS perl snippet. Since that is a release goal, and since > > missing default flags may also lead to other breakage on i386 due to how > > that platform links perl code (see bug#770767), unblocking of cdbs > > should probably be followed by BinNMUs + unblock of e.g. all arch-any > > packages matching regext '^include\s+.*perl.*\.mk' for its rules file. > > We might not want that actually. If the fixed cdbs enters jessie, not rebuilding those now might risk regressions later during jessie's lifetime, for instance with security updates AFAICS? > > I don't know (and am not skilled so now is probably the wrong time to > > start if others can help) how to reliably locate such package list, but > > can do it among the packages I maintain myself which might be adequate > > (I am not alone in using CDBS but might be for perl libs specifically). FWIW, the only arch:any packages build-depending on both cdbs and libmodule-build-perl would be libdevel-callchecker-perl libdevel-callparser-perl liblucy-perl libmarpa-r2-perl As Module::Build is also in perl-modules (but is being phased out), it's possible that there are other affected packages. I'd be surprised if there were many more, though. Hope this helps, -- Niko Tyni [email protected] -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
