[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#802159: New OpenSSL upstream version

On Tue, 20 Oct 2015, Don Armstrong wrote:
> On Sat, 17 Oct 2015, Kurt Roeckx wrote:
> > I've been waiting for the release team for a while to make a decision
> > on #765639 for a year now. Could you help in getting a decision?
> > 
> > I've actually been waiting for longer than that, I can't directly find
> > all links, but previous discussions about it are at least:
> > https://lists.debian.org/debian-devel/2013/09/msg00466.html
> > https://lists.debian.org/debian-project/2013/12/msg00140.html
> Is there anything that it would be helpful for the technical committee
> to do here to help facilitate coming to a decision on this?

From discussions (briefly) on IRC:

  <adsb> my general thoughts offhand are that new upstream versions in
         stable always make me twitchy, new upstream versions that
         introduce features or are sensitive / important packages more
         so, new upstream versions that do both doubly. and we try and
         avoid ending up saying no to people, which often ends up
         actually making things worse as they linger (and we're not
         doing that well at keeping up with the "easy" requests right

So from what I'm gathering, this looks like a case where there isn't
enough eyeballs to adequately review this particularly set of updates,
coupled with the importance of making sure that these updates are
correct and don't cause any unintended issues.

There was some discussion of whether a more concrete process might help
alleviate the time requirements of these reviews, but I think that's
something for the stable release managers (and other interested parties)
to hash out.

If there's something specific that you'd like the CTTE to try to do
beyond what I've just reported now, let me know.

Don Armstrong                      http://www.donarmstrong.com

Where I sleep at night, is this important compared to what I read
during the day? What do you think defines me? Where I slept or what I
did all day?
 -- Thomas Van Orden of Van Orden v. Perry

Reply to: