Re: Missing openssl build for i386
On Mon, Jun 09, 2014 at 12:53:34PM +1000, Matt Palmer wrote:
> On Sat, Jun 07, 2014 at 10:45:25AM +0200, Jeroen Dekkers wrote:
> > At Fri, 6 Jun 2014 08:04:38 +0200,
> > Moritz Muehlenhoff wrote:
> > >
> > > On Fri, Jun 06, 2014 at 09:15:11AM +1000, Matt Palmer wrote:
> > > > On Thu, Jun 05, 2014 at 11:30:12PM +0100, Steven Chamberlain wrote:
> > > > > Hi again,
> > > > >
> > > > > Looking at the Packages file on the same mirror, I see the
> > > > > openssl packages available for amd64, but not i386?
> > > >
> > > > The amd64 build got uploaded just before a dinstall run, while the i386
> > > > build was uploaded some time afterward. If it isn't already there now, it
> > > > should show up in the next six hours (at most).
> > >
> > > Maybe the frequency of dinstall runs can be increased for the squeeze-lts
> > > suite (not sure if that's a per suite setting)
> > What are the reasons for not using security.debian.org for the LTS
> > security updates? This was probably discussed on the old list, but I
> > wasn't subscribed there and the archives aren't public.
> I wasn't involved in the discussions, but my understanding from
> after-the-fact info is that security.d.o is (reasonably enough) quite locked
> down, and wasn't built for adding new suites as easily as the main archive.
Yes, that's correct. Releasing security updates for security.debian.org involves
shell access to an otherwise locked down system.
> Given that, at this stage at least, LTS is an experiment, spending the extra
> energy on making security.d.o up to the task wasn't considered reasonable.
There are plans to move the release process to a PGP-based system (roughly
similar to what is being used to grant Debian maintainers upload privileges
to a system). That involves some work, though and I don't think anyone is
currently on it. If anyone wants to work on this, I can provide more details.