Your message dated Tue, 4 Jun 2019 19:58:58 +0200 with message-id <85d6af1d-04bf-ea59-ebcc-afcfe4683896@debian.org> and subject line Re: Bug#928026: release-notes: document the state of security support for golang packages in Buster has caused the Debian Bug report #928026, regarding release-notes: document the state of security support for golang packages in Buster to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 928026: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928026 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: release-notes: document the state of security support for golang packages in Buster
- From: Holger Levsen <holger@layer-acht.org>
- Date: Fri, 26 Apr 2019 10:29:58 +0000
- Message-id: <20190426102958.c3h22jetcdn2s4ov@layer-acht.org>
- In-reply-to: <20190420210734.GA22183@pisco.westfalen.local>
- References: <f1a737f3-b0d9-1111-f42e-bb10196b63f6@debian.org> <20190420210734.GA22183@pisco.westfalen.local>
package: release-notes x-debbugs-cc: jmm@inutil.org, elbrus@debian.org, team@security.debian.org, release-notes@packages.debian.org, debian-release@lists.debian.org On Sat, Apr 20, 2019 at 11:07:34PM +0200, Moritz Mühlenhoff wrote: > > Are there other concerns or warnings and > > should they already be mentioned in the release notes? > > There has been no visible movement on the issues with Go as mentioned in > https://lists.debian.org/debian-release/2018/07/msg00002.html (and > this dates back much further, initial discussions were from 2016 or > earlier). > > This is already an issue in Stretch (e.g. #922170), but will be much > worse in Buster, so unless someone reliably commits to work on > this ASAP the available options are to drop everything Go apart > from the toolchain packages from buster or exclude of all that mess > from security updates so that people know what they can expect. filing a bug (in coordination with Moritz) so this doesnt get forgotten. Also, I believe this bug should be cloned and reassigned to src:debian-security-support as well, so it's also documented there. Will do so once the bug arrives back. -- tschau, Holger ------------------------------------------------------------------------------- holger@(debian|reproducible-builds|layer-acht).org PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1CAttachment: signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: Justin B Rye <justin.byam.rye@gmail.com>, 928026-done@bugs.debian.org
- Subject: Re: Bug#928026: release-notes: document the state of security support for golang packages in Buster
- From: Paul Gevers <elbrus@debian.org>
- Date: Tue, 4 Jun 2019 19:58:58 +0200
- Message-id: <85d6af1d-04bf-ea59-ebcc-afcfe4683896@debian.org>
- In-reply-to: <[🔎] 20190604155034.iqeof7cvtvrqwwzh@jbr.me.uk>
- References: <f1a737f3-b0d9-1111-f42e-bb10196b63f6@debian.org> <20190420210734.GA22183@pisco.westfalen.local> <20190426102958.c3h22jetcdn2s4ov@layer-acht.org> <20190426102958.c3h22jetcdn2s4ov@layer-acht.org> <20190426102958.c3h22jetcdn2s4ov@layer-acht.org> <[🔎] c2a0529e-5f26-b6b7-aa4b-030a2c9fa86e@debian.org> <[🔎] 20190604155034.iqeof7cvtvrqwwzh@jbr.me.uk>
Hi Justin, On 04-06-2019 17:50, Justin B Rye wrote: [ good review ] Pushed, thanks. PaulAttachment: signature.asc
Description: OpenPGP digital signature
--- End Message ---