Hi, A short note, as I'm currently short on time:* I've been a bit overwhelmed by the amount of messages in a relatively short time frame, I'm struggling to keep up * The official Debian live images are generated based on the status of git on the date of their release
* They are generated by the 'rebuild.sh' script [1]* That script takes the timestamp of the archive and finds a matching version of live-build in git * All releases, including point releases use this, so stable and oldstable point releases will have this bug * Since live-build currently no longer has the diversion, upcoming point releases will not have the diversion either * Repairing the issue in live-boot does not help: the old, already generated live images will not see that fix, and newer live images will not need the fix * I have not looked _why_ the diversion was present in live-build, so I don't know yet whether there are side-effect during the build that depend on the content of the modified file * Bringing the fixes to backports are not technically required for Debian, but derivatives which use the distributed version of live-* packages might need it
With kind regards, Roland [1] https://wiki.debian.org/ReproducibleInstalls/LiveImages
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature