Hi Gert > Sent: Saturday, June 24, 2023 at 3:55 PM > From: "Gert Doering" <g...@greenie.muc.de> > To: "Stella Ashburne" <rewe...@gmx.com> > Cc: openvpn-users@lists.sourceforge.net > Subject: Re: [Openvpn-users] Request: A *.deb package for OpenVPN 2.5.9 on > Debian 12/Bookworm > > > I'm aware of that, I maintain that file :-) - for Linux users, there is > nothing really interesting in 2.6.3 -> 2.6.4. The bugs fixed in 2.6.4 > affect Windows, MacOS/pkcs#11 and Android users.
Sorry, could you be a bit more specific? By "file" did you mean "package"? To the best of my knowledge, the package called "openvpn 2.6.3-1" is maintained by Bernhard Schmidt. Your name is not listed on the page referenced by https://metadata.ftp-master.debian.org/changelogs//main/o/openvpn/openvpn_2.6.3-1_changelog > There *is* a mem leak in 2.6.4 -> 2.6.5, and I assume that Debian is > picking up this bugfix and will do a fixed 2.6.3 re-release - by debian > policy, they will normally not upgrade to fully new versions within a > release, just pick relevant bugfixes and release updated packages. Thanks for letting me know there is a mem leak in 2.6.4. By the way, 2.6.5 was released on 13 June 2023 and till now, Debian's maintainer, Bernhard Schmidt, has not released said bugfix yet. Fortunately OpenVPN's own maintainer released 2.6.5 for Debian 12. The URL is: https://build.openvpn.net/debian/openvpn/release/2.6/pool/bookworm/main/o/openvpn/ > This is an interesting statement - we intentionally tried to release > frequently, so bug fixes (that are inevitably found when doing a new > release with new features) can be distributed quickly. > As you have clarified why OpenVPN releases bugfixes more frequently now, I would prefer more frequent bugfixes. Thank you and thanks to OpenVPN developers. > So would you trust us more if we only did a 2.6.1 release after 5 months, > containing all the bugfixes found, instead of 5 release, each with just > a few commits? No, based on your clarification, I would prefer more frequent bugfixes. > > "most commercial VPN service providers" just suck big time at code > maintenance, and talking to OpenVPN upstream - they hack extra features > into OpenVPN, sometimes breaking the protocol in incompatible ways, and > most of them never nother to actually speak to us to ensure best results > for their customers... and then we get to deal with the bug reports. I totally empathize with you on this point. I have a suggestion: If you have some time to spare, you might like to list and elaborate with examples (a) on the aspects of good code maintenance; (b) the extra features that you claim that OpenVPN providers use and as a result break the protocols Your write-up could be placed in a dedicated page under openvpn.net > > > But all this said - providing packages for Debian 12 needs resources on > the side of the OpenVPN project (read: Frank needs to do that). Since we > think 2.6.x is better than 2.5.x, and Debian thinks that 2.6.x is stable > enough to include into bookworm, we think this is human life time better > spent elsewhere. Like, on improving OpenVPN. > Thanks, Gert, for your explanation. Stella P.S.: I am just curious and if you have time, could you explain why Bernhard Schmidt's name is listed as the maintainer of 2.6.5-bookworm0? When it is obvious to everyone that Frank or Samuli, on behalf of OpenVPN Inc., is the real maintainer (in the sense of expending time and effort on creating 2.6.5-bookworm0.) Bernhard's name is listed in the file called Packages (https://build.openvpn.net/debian/openvpn/release/2.6/dists/bookworm-20230613112628209348061/main/binary-amd64/Packages) _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
