For the Security Team, unblocking 5.7.1 is the preferred option as it
will make supporting WP for the entire bullseye lifecycle much
easier. If the Release Team thinks it's too late at this point for such
an unblock, we'd favor going with 5.6.3 instead.
Cheers,
--
Seb
I've tried a bunch of things, essentially reusing my older
pbuilder-based build setup (as opposed to the newer sbuild-based one),
to no avail: I keep getting those extra upper-bound versioned
dependencies in the resulting package.
At this point I see two options:
- build a +deb9u2 that uses
On 26/08 17:42, Adam D. Barratt wrote:
> Our tooling has highlighted a dependency issue. I've not had chance to
> check if it already existed in the earlier package, but:
>
> unsat-dependency: python-cryptography (< 1.6)
>
> stretch has python-cryptography 1.7.1
This is a regression
Actually, that won't be possible: dam rm shows libspring-java among
other rdeps. We'll just stick with the EOL in debian-security-support.
Cheers,
--Seb
On May/03, Adam D. Barratt wrote:
> There's a few r-deps. Walking the tree gives us:
>
> - redmine-plugin-pretend
> - redmine-plugin-recaptcha
> - redmine-recaptcha
>
> I assume the intent is that those also be removed.
That is correct, sorry for not mentioning the r-deps initially.
Cheers,
On Dec/09, Adam D. Barratt wrote:
> For the record, reviewing the diff of the -security upload, I notice
> that the change actually adds *two* runtime dependencies - the second,
> which was not mentioned in this pre-approval request, nor included in
> the proposed diff, being python-pastescript.
On Mar/18, Holger Levsen wrote:
> I've done all this now.
>
> Will you write and send the DSA? I guess the text should basically
> just be something like what we wrote in debian/changelog:
>
> * Adjust sitesummary-upload to use CRLF (\r\n) line endings to be compliant
> with apache 2.4.25
On Mar/10, Sébastien Delafond wrote:
> I meant a debdiff specifically targetting jessie-security. Please
> change jessie to jessie-security, set severity to high, and upload to
> security-master (no source-only upload).
Hi Petter,
are you still planning to upload this ?
Cheers,
--Seb
On Mar/10, Petter Reinholdtsen wrote:
> The debdiff for jessie is in bts already.
I meant a debdiff specifically targetting jessie-security. Please change
jessie to jessie-security, set severity to high, and upload to
security-master (no source-only upload).
Cheers,
--Seb
On Mar/09, Holger Levsen wrote:
> Dear security team,
>
> On Thu, Mar 09, 2017 at 07:20:40PM +, Adam D. Barratt wrote:
> > On Thu, 2017-03-02 at 09:50 +, Holger Levsen wrote:
> > > On Thu, Mar 02, 2017 at 09:12:34AM +0100, Petter Reinholdtsen wrote:
> > > > Usertags: pu
> > > >
> > > >
Dear Release Managers,
the Security Team has reviewed the diff related to this security
problem, and we support the unblock request.
Cheers,
--Seb
Hi David,
thanks a lot for the NMU and the associated unblock request, while I
was away :)
Cheers,
--Seb
On Sep/29, David Prévot wrote:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package minbif
It fixes a
12 matches
Mail list logo