[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

firebird2.0: somewhat unusual backport

Dear backports.org ftp-masters,

This is a request for your advise about somewhat unusual backport.

It is about firebird. Etch has version 1.5.4 from the 1.5 branch. This
was removed from unstable because of security bugs, fixes for which
can't be backported and upstream's lack of security support for that
branch. See #432753 for the details.

After discussing with Debian Security Team, it was decided to remove
firebird2 from stable and issue a DSA, dropping official debian security
support for it as soon as a backport of firebird2.0[0], the current
upstream "stable", is available so that the users are not left
/completely/ in the void.

    [0] http://packages.qa.debian.org/firebird2.0

So I intent to backport firebird2.0, a package that is not in etch. And
if this is not enough, the version I intent to backport can't currently
migrate to testing as it is blocked by ICU, which in turn is blocked by
gcc-defaults (according to this message[1] at least, I get confused of
how complicated inter-dependencies can be :)

    [1] http://lists.debian.org/debian-release/2008/01/msg00071.html

So, would this backport be accepted? Should I backport the testing
version instead (, despite the fact that the version
from unstable contains important fixes (#448616, #454466)?

Thanks for your time
dam            JabberID: dam@jabber.minus273.org

Attachment: signature.asc
Description: Digital signature

Reply to: