Bug#1051024: bookworm-pu: package igtf-policy-bundle/1.22-1~deb12u1
On 08-04-2024 19:30, Adam D. Barratt wrote: On Mon, 2024-04-08 at 14:26 +0200, Dennis van Dok wrote: I've uploaded a new version since unstable is already at 1.128-1. The package you've uploaded is versioned 1.128-1+deb12u1, which is higher than the version in unstable. The stable upload needs to have a lower version number, conventionally 1.128-1~deb12u1. It appears you've also uploaded a 1.128-1~deb12u1 package, which confusingly seems to be a rebuild of 1.12_7_-1 from unstable. I'm going to flag both uploads for rejection. Once you get confirmation of that having been actioned, if what you're actually aiming for is to get a rebuild of 1.128-1 into stable then please: - use 1.128-1~deb12u1 as the package version - attach a revised debdiff to this bug Hi Adam, sorry for the confusion, it's entirely my fault for not knowing how this works. The 1.128-1~deb12u1 should be the correct version, the uploaded version *is* a rebuild of 1.128-1 in unstable but I think I messed up the changelog. It's ok to reject them, I'll fix the changelog and upload a better version. Thanks, Dennis
Bug#1051024: bookworm-pu: package igtf-policy-bundle/1.22-1~deb12u1
On Mon, 2024-04-08 at 14:26 +0200, Dennis van Dok wrote: > I've uploaded a new version since unstable is already at 1.128-1. The package you've uploaded is versioned 1.128-1+deb12u1, which is higher than the version in unstable. The stable upload needs to have a lower version number, conventionally 1.128-1~deb12u1. It appears you've also uploaded a 1.128-1~deb12u1 package, which confusingly seems to be a rebuild of 1.12_7_-1 from unstable. I'm going to flag both uploads for rejection. Once you get confirmation of that having been actioned, if what you're actually aiming for is to get a rebuild of 1.128-1 into stable then please: - use 1.128-1~deb12u1 as the package version - attach a revised debdiff to this bug Regards, Adam
Bug#1051024: bookworm-pu: package igtf-policy-bundle/1.22-1~deb12u1
I've uploaded a new version since unstable is already at 1.128-1.
Bug#1051024: bookworm-pu: package igtf-policy-bundle/1.22-1~deb12u1
Control: tag -1 confirmed On Sat, Sep 23, 2023 at 10:54:50PM +0200, Dennis van Dok wrote: > On 23-09-2023 22:36, Adam D. Barratt wrote: > > > [ Checklist ] > > > [*] *all* changes are documented in the d/changelog > > > [*] I reviewed all changes and I approve them > > > [*] attach debdiff against the package in (old)stable > > > > You appear to have forgotten the debdiff. > > It could not be attached on the initial submission for some reason, so > I attached it in message #12: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051024#12 The target distribution in d/changelog should be 'bookworm'; with that fixed please go ahead. > > > > > > [ ] the issue is verified as fixed in unstable > > > > Is this fixed in unstable or not? > > Yes, 1.122 is accepted into unstable in the mean time. You may wish to adjust found versions to cover current stable. Thanks, -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
Bug#1051024: bookworm-pu: package igtf-policy-bundle/1.22-1~deb12u1
On 23-09-2023 22:36, Adam D. Barratt wrote: [ Checklist ] [*] *all* changes are documented in the d/changelog [*] I reviewed all changes and I approve them [*] attach debdiff against the package in (old)stable You appear to have forgotten the debdiff. It could not be attached on the initial submission for some reason, so I attached it in message #12: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051024#12 [ ] the issue is verified as fixed in unstable Is this fixed in unstable or not? Yes, 1.122 is accepted into unstable in the mean time.
Bug#1051024: bookworm-pu: package igtf-policy-bundle/1.22-1~deb12u1
Control: tags -1 moreinfo On Fri, 2023-09-01 at 13:30 +0200, Dennis van Dok wrote: > The IGTF bundle provides important trust anchors for the Research and > Education communities. Both for reliance on the identity of servers > for compute and storage services, as well as user identification > based > on personal certificates. > > A recent change in the rules for S/MIME certificates[1] has urged a > change in the profiles for end user and robot certificates, > effectively > by 28 August 2023. Relying parties who need to authenticate users > should install this update as soon as possible. > > 1. https://cabforum.org/smime-br/ > [...] > [ Checklist ] > [*] *all* changes are documented in the d/changelog > [*] I reviewed all changes and I approve them > [*] attach debdiff against the package in (old)stable You appear to have forgotten the debdiff. > [ ] the issue is verified as fixed in unstable Is this fixed in unstable or not? Regards, Adam
Bug#1051024: bookworm-pu: package igtf-policy-bundle/1.22-1~deb12u1
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: igtf-policy-bun...@packages.debian.org Control: affects -1 + src:igtf-policy-bundle [ Reason ] The IGTF bundle provides important trust anchors for the Research and Education communities. Both for reliance on the identity of servers for compute and storage services, as well as user identification based on personal certificates. A recent change in the rules for S/MIME certificates[1] has urged a change in the profiles for end user and robot certificates, effectively by 28 August 2023. Relying parties who need to authenticate users should install this update as soon as possible. 1. https://cabforum.org/smime-br/ More details about the change can be found on the web page of the upstream maintainer[2]. 2. https://www.nikhef.nl/~davidg/tcsg4/GEANT-TCSG4-private-CA-extension-20230712.pdf [ Impact ] Normally I would not propose to update the package in Debian stable but this change may break authentication for some users. They could install the package from unstable or backports (if available). [ Tests ] I normally install the packages on my own systems to try out that they work. Since the deployment is relatively straightforward there is rarely an issue. [ Risks ] There are no code changes between versions, it should be safe (in fact, recommended) to always install the latest version of the bundle. [ Checklist ] [*] *all* changes are documented in the d/changelog [*] I reviewed all changes and I approve them [*] attach debdiff against the package in (old)stable [ ] the issue is verified as fixed in unstable [ Changes ] See the upstream CHANGES file (or d/changelog).