Your message dated Fri, 20 Nov 2015 09:44:16 +0100
with message-id <[email protected]>
and subject line Re: Bug#803997: transition: polarssl
has caused the Debian Bug report #803997,
regarding transition: polarssl
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
803997: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803997
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
User: [email protected]
Usertags: transition
Severity: normal
Forwarded: https://release.debian.org/transitions/html/auto-polarssl.html
X-Debbugs-CC: [email protected]
Hi,
polarssl needs a library transition. The name of the upstream project
changed to 'mbedtls' so the SONAME has become 'libmbedtls9'. I've kept
the name of the dev package as 'libpolarssl-dev' for the 1.3 series so
every package doesn't need to be changed.
The new version of polarssl fixes a grave security bug (#801413). I
havn't got a response from the package maintainer at all in dealing
with this so I NMUed the version currently in experimental.
There is a build failure on s309x, but the fix should be a 1 line
change which I'd like to make when I upload the package to unstable. If
you'd prefer I could make another NMU to experimental instead.
Thanks,
James
Ben file (the automatic one is fine):
title = "polarssl";
is_affected = .depends ~ "libpolarssl7" | .depends ~ "libmbedtls9";
is_good = .depends ~ "libmbedtls9";
is_bad = .depends ~ "libpolarssl7";
signature.asc
Description: This is a digitally signed message part
--- End Message ---
--- Begin Message ---
On 10/11/15 19:55, Emilio Pozuelo Monfort wrote:
> On 09/11/15 20:49, James Cowgill wrote:
>> Thinking about this, I could probably avoid this transition by waiting
>> for mbedtls to pass NEW, porting all the rdeps, and then having
>> polarssl removed from the archive. This would be the "end" goal anyway.
>
> I'd prefer that. We can let polarssl get auto-removed from testing (or I may
> just remove it together with the rdeps). As for stable, if the package is
> FUBAR
> then you can request a removal from there in a separate bug.
So we don't need this transition bug anymore. Let's close this.
Cheers,
Emilio
--- End Message ---
