Re: Should singularity-container make it to next release?

To: Nilesh Patra <nilesh@debian.org>, debian-devel@lists.debian.org
Cc: debian-hpc@lists.debian.org, Andreas Tille <tille@debian.org>
Subject: Re: Should singularity-container make it to next release?
From: Praveen Arimbrathodiyil <praveen@onenetbeyond.org>
Date: Thu, 13 Oct 2022 02:06:58 +0530
Message-id: <[🔎] 1700c722-a6cb-e72e-64bd-d17bb0e4ce7d@onenetbeyond.org>
In-reply-to: <[🔎] 20221012160820.r4tjfrz2v6czmz45@nileshpatra.info>
References: <[🔎] 20221012160820.r4tjfrz2v6czmz45@nileshpatra.info>



On 12/10/22 9:38 pm, Nilesh Patra wrote:

So my fear is that: Once singularity-container hits stable release, and there is
a CVE being found. It'd be a hellhole for me/others to find what exactly
fixed the CVE (unless it is being clearly stated), and apply that. The only
option left would be to upgrade the package to fix the CVE and I don't know if
release team would allow that.

If you can't have it in stable, consider fasttrack.debian.net as anotheroption through which you can ship new upstream versions directly. Wehave been shipping gitlab and virtual box via this repo for two releasesalready. At present this is unofficial, but if there is enough interestwe can propose making it official at some point (like backports whichstarted out as unofficial but later became official).

Attachment: OpenPGP_0x8F53E0193B294B75.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to:

References:
- Should singularity-container make it to next release?
  - From: Nilesh Patra <nilesh@debian.org>

Prev by Date: Re: Should singularity-container make it to next release?
Next by Date: Processing of libpsm2_11.2.185-2_source.changes
Previous by thread: Re: Should singularity-container make it to next release?
Next by thread: Processing of singularity-container_3.10.3+ds1-1_source.changes
Index(es):
- Date
- Thread