[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

My LTS November

originatlly posted at

In November I resumed work on Debian LTS and worked on the following packages:

 * [DLA 88-1](https://lists.debian.org/debian-lts-
announce/2014/11/msg00007.html) for ruby1.8 fixing several CVEs as described 
in the announcement.
 * [DLA 91-1](https://lists.debian.org/debian-lts-
announce/2014/11/msg00010.html) for tomcat6, mostly prepared by one of it's 
maintainers, Tony Mancill, also fixing several issues by upgrading to a new 
upstream version. I just did review, testing, release and announcement, and 
then figured out the proper versioing for Wheezy, which turned out to be 
problematic because using the recommend versioning breaks the upgrade paths, 
when new upstream versions are introdued to squeeze-lts which basically have 
same version as in will be (or are) in wheezy-security. One cause (besides the 
wrong recommendation which still needs fixing in [our wiki page]
(https://wiki.debian.org/LTS/Development) are non enforcable version 
constraints: the suites wheezy and squeeze-lts reside on ftp-master.debian.org 
(and wheezy is only updated on point releases), while wheezy-security resides 
on security.debian.org. Most probably we will still leave things as they are 
for squeeze-lts and do changes for wheezy-lts only. Oh, and the release of the 
tomcat6 update for wheezy is currently stalled by [#770769]
 * [DLA 92-1](https://lists.debian.org/debian-lts-
announce/2014/11/msg00011.html) for tomcat-native was also done in cooperation 
with Tony and is also a new upstream release, which is needed as the old 
version of tomcat-native doesn't function with the new tomcat6 version.
 * The update of linux-2.6 has not happened yet, but is planned for 
the coming weekend. So far it has been done in collaboration of Moritz 
Mühlenhoff from the security team, Ben Hutchings from the kernel team, and 
Raphaël Hertzog and myself from the LTS team, which I consider to be quite 
nice. As [Raphaël had already explained]
november-2014/), Ben has joined the LTS team and so far his contribution was 
to identify a problem in patch related to openvz, so I haven't published this 
kernel update yet. Also, there was zero feedback from testers for the openvz 
flavor packages - so if you are using openvz and squeeze kernels, please 
contact us. For all the other flavors there was positive feedback [to the call 
for testing](https://lists.debian.org/debian-lts/2014/11/msg00038.html) 
(thanks!) - so you might want to give these kernels a try too!

Thanks to everyone who is supporting Squeeze LTS in whatever form, according 
to the wide feedback there are quite many people appreciating the work!

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: