Hi Patrik - there are few problems with the debdiff: 1) It is prepared against the precise-backports pocket. This is not appropriate for uploads to precise-security since it pulls in changes unrelated to the security fixes. Please prepare a debdiff against 1.6.1-1+ubuntu0.5 from the precise-updates pocket.
2) As mentioned earlier, the patches are missing the proper DEP-3 tags. I was going to add those in myself based on the commit IDs that you provided but since #1 is going to require you to respin a new debdiff, I'd prefer if you handled that now. Description and Origin are sufficient. 3) The changelog entry needs a few changes. There's no need to mention the DSA since it won't likely mean anything to Ubuntu users. The target should be precise-security instead of precise. If adding the DEP-3 tags in each patch file, there's no longer a need to mention the Debian git tree in the changelog. It would be nice if there was a brief description of the issues that each patch fix so that users can understand the reasoning for the update. - An example changelog can be found here: https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging 4) Runtime testing is preferred. Issuing updates that have only been build tested has the potential to break users. Once these issues are resolved, please attach the new debdiff, mark the bug status as New and unassign yourself. Thanks! ** Changed in: openafs (Ubuntu) Status: In Progress => Incomplete ** Changed in: openafs (Ubuntu) Assignee: Tyler Hicks (tyhicks) => Patrik Lundin (patrik-lundin) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1481373 Title: Security bugs "DSA-3320-1 openafs -- security update" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openafs/+bug/1481373/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
