Re: State of Jenkins in Debian

To: debian-java@lists.debian.org
Subject: Re: State of Jenkins in Debian
From: David Gerard <dgerard@gmail.com>
Date: Wed, 12 Mar 2014 15:13:37 +0000
Message-id: <[🔎] CAJ0tu1HDwq7dieGie+2N2gk=hi7S70MdOfEd_S3Thj7kh+cfcg@mail.gmail.com>
In-reply-to: <[🔎] 53207047.5040008@apache.org>
References: <[🔎] 5315E52E.4060109@ubuntu.com> <[🔎] 531FE604.4060008@debian.org> <[🔎] 53207047.5040008@apache.org>

On 12 March 2014 14:33, Emmanuel Bourg <ebourg@apache.org> wrote:

> For the record I pushed the latest version of tomcat7 to
> wheezy-backports. I do agree that uploading the new versions of Tomcat
> to fix security issues would be much better than backporting the changes
> to the version in stable. Tomcat is very stable and well tested, the
> risk of regression is low.

Ah ... I have found otherwise. In particular, the Tomcat project
doesn't understand backwards compatibility for minor versions. e.g.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45015 is where
someone thought making the quote rules tighter and giving an error
rather than a warning would be the best possible idea for a
minor-number bugfix release, and never mind huge existing code bases
such as the one at my day job. We had a lot of fun with that one.

So I'd be quite careful with trusting Tomcat minor version upgrades.
Having been bitten, I don't.

- d.

Reply to:

References:
- State of Jenkins in Debian
  - From: James Page <james.page@ubuntu.com>
- Re: State of Jenkins in Debian
  - From: tony mancill <tmancill@debian.org>
- Re: State of Jenkins in Debian
  - From: Emmanuel Bourg <ebourg@apache.org>

Prev by Date: Re: State of Jenkins in Debian
Next by Date: Re: RFC - more slightly shonky java packages
Previous by thread: Re: State of Jenkins in Debian
Next by thread: Re: State of Jenkins in Debian
Index(es):
- Date
- Thread