Re: LTS work

To: debian-gis@lists.debian.org, Sebastiaan Couwenberg <sebastic@xs4all.nl>, debian-gis@lists.debian.org, Sebastiaan Couwenberg <sebastic@xs4all.nl>
Subject: Re: LTS work
From: Bastien Roucaries <rouca@debian.org>
Date: Fri, 09 Jan 2026 19:12:23 +0100
Message-id: <[🔎] 5239139.rnE6jSC6OK@debian-ei>
In-reply-to: <[🔎] 1ccb6c5d-da22-4791-8502-a995a70fa7e8@xs4all.nl>
References: <[🔎] 2606304.NgBsaNRSFp@debian-ei> <[🔎] 3274708.88bMQJbFj6@debian-ei> <[🔎] 1ccb6c5d-da22-4791-8502-a995a70fa7e8@xs4all.nl>

Le vendredi 9 janvier 2026, 18:37:42 heure normale d’Europe centrale Sebastiaan Couwenberg a écrit :
> On 1/9/26 6:08 PM, Bastien Roucaries wrote:
> > Le vendredi 9 janvier 2026, 18:06:20 heure normale d’Europe centrale Sebastiaan Couwenberg a écrit :
> >> On 1/9/26 5:51 PM, Bastien Roucaries wrote:
> >>> Le vendredi 9 janvier 2026, 06:27:15 heure normale d’Europe centrale Sebastiaan Couwenberg a écrit :
> >>>> On 1/8/26 9:22 PM, Bastien Roucaries wrote:
> >>>>> Can i get access to team to do LTS/security work ?
> >>>>
> >>>> Will you also fix those issues in later versions or only in the LTS version?
> >>>>
> >>>> If you only work on the LTS version you don't need commit access in the team.
> >>> I planed to try to fix bookworm but patch is massive
> >>>
> >>> Any idea ?
> >>
> >> I guess you're talking about:
> >>
> >>    https://security-tracker.debian.org/tracker/CVE-2025-60751
> >>
> >> The commit linked from the tracker doesn't look too bad, which makes me think you're working on something else.
> >>
> >> Which package and issues are your working on?
> > https://security-tracker.debian.org/tracker/CVE-2025-59431
> 
> The patch we included for the trixie stable update wasn't that massive:
> 
>   https://sources.debian.org/src/mapserver/8.4.0-4%2Bdeb13u1/debian/patches/CVE-2025-59431.patch
> 
> If you need much more changes for 8.0.0 in bookwork, I wouldn't bother with it. But then again, you're getting paid for it, so it might be worth the effort for you.
> 
> > moeover technically mapserver FTBFS lexer and yacc c generated file are not regenerated at build time...
> 
> I have trouble parsing this sentence.
I means that .c file are not generated at build time from .l or .y file.

Usually we rebuild and consider release wise as a FTBFS, it fail to build from source that is .l or .y and use autogenerated by not trusted other c file.

Personnaly I repack and remove these autogenerated file from orig.tar.gz
> 
> mapserver doesn't FTBFS on bookworm according to reproducible-builds, it might be that the its not possible to generate those sources on bookworm which was fine because we didn't need to.
> 
> > Should I open a bug ?
> 
> No, users of mapserver on bullseye or bookwork should upgrade to trixie.
> 
> Kind Regards,
> 
> Bas
> 
>

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

References:
- LTS work
  - From: Bastien Roucaries <rouca@debian.org>
- Re: LTS work
  - From: Bastien Roucaries <rouca@debian.org>
- Re: LTS work
  - From: Sebastiaan Couwenberg <sebastic@xs4all.nl>

Prev by Date: Re: LTS work
Previous by thread: Re: LTS work
Index(es):
- Date
- Thread