Re: Bug#975016: #975016 - OpenJDK 17 support state for Bullseye
- To: Moritz Mühlenhoff <jmm@inutil.org>, Thorsten Glaser <t.glaser@tarent.de>, 975016@bugs.debian.org
- Cc: Holger Levsen <holger@layer-acht.org>, Matthias Klose <doko@debian.org>, Emmanuel Bourg <ebourg@apache.org>, Adrian Bunk <bunk@debian.org>, debian-java@lists.debian.org, ftpmaster@ftp-master.debian.org, debian-release@lists.debian.org, debian-backports@lists.debian.org, security <security@debian.org>
- Subject: Re: Bug#975016: #975016 - OpenJDK 17 support state for Bullseye
- From: Matthias Klose <doko@debian.org>
- Date: Sat, 12 Feb 2022 02:57:13 +0100
- Message-id: <[🔎] 617423da-cf95-e75d-b4f1-c8b81ceb691b@debian.org>
- In-reply-to: <[🔎] YgToaExntWjCwSMu@pisco.westfalen.local>
- References: <20210202180412.GI23296@localhost> <3e72c4fc-9ad4-5ba2-c194-e2449d1d3d75@apache.org> <28df3e43-5ca2-9647-b883-9b53c2d30ec4@debian.org> <[🔎] YfvgRRJUf20PrJ6p@layer-acht.org> <160565089338.4090.11133710586870120280.reportbug@hullmann.westfalen.local> <[🔎] cbd2943a-6921-5a6-532f-7d975a14217b@tarent.de> <[🔎] YgToaExntWjCwSMu@pisco.westfalen.local>
On 2/10/22 11:26, Moritz Mühlenhoff wrote:
> Am Thu, Feb 03, 2022 at 03:59:00PM +0100 schrieb Thorsten Glaser:
>> Hi Holger,
>>
>>> and filed against src:debian-security-support, as openjdk-17 seems to be
>>> supported and src:debian-security-support's purpose is to documented what's
>>
>> no, 11 is supported, 17 is just for users to run third-party
>> stuff on (IIUC).
>
> In Bullseye 11 is the default Java and fully covered by security support.
>
> 17 can be installed (and it can also take over the typical alternatives),
> but nothing pulls it in via dependencies. But if anyone needs to run an
> application requiring 17, this is the JRE of choice (those are rare at
> this point, but it will change over the life time of Bullseye).
>
> And yes there have been security updates for 17 already, but it's a best effort
> thing. If someone commits to rebuild the openjdk-17 uploads to unstable
> for bullseye-security (along with proper testing), we can also omit a note
> for src:debian-security-support.
"along with proper testing" means, that we can turn on again the tests during
the build, which requires a heap of new upstream versions for jtreg, jtharness,
testng, groovy, and probably much more.
Matthias
Reply to: