Re: Debian Libre - blend/pureblend/derivative?

[Adrian Bunk <bunk@debian.org>]

On Tue, Nov 25, 2025 at 10:22:44AM +0100, Simon Josefsson wrote:
> Bastian Blank <waldi@debian.org> writes:
>...
> > Nope.  Neither do we add multiple copies of the same source, nor is this
> > package security supportable by definition.
> 
> I think that is a subjective statement.  Debian ship the same source
> many times over already with all vendored code in the archive.  Debian
> also ship packages that does not come with security support, e.g., most
> of the Rust/Go eco-systems.  I hear your desire not to have more of that
> though (which I agree with).

How big is the libre patch, and how likely is it to break due to changes 
on a kernel LTS branch?

If the patches are small and unlikely to break on an LTS branch, you 
could build a different kernel based on linux-source-<version> from 
src:linux.

user-mode-linux is a precedent for that, up to buster with patches.

user-mode-linux is already rebuilt for point releases, security support 
for static ecosystems will cover such packages also for DSAs.

Official libre live image for Debian 14 should then be possible.

> /Simon

cu
Adrian