Re: spamassassin update

[Matt Palmer <mpalmer@debian.org>]

On Mon, Feb 02, 2015 at 02:12:06PM +0800, Bret Busby wrote:
> On 02/02/2015, Matt Palmer <mpalmer@debian.org> wrote:
> > On Sun, Feb 01, 2015 at 09:49:15AM -0800, Noah Meyerhans wrote:
> >> Let me know if I should go ahead with this upload, or if anything else
> >> is needed.
> >
> > You should not go ahead with this upload.
> >
> >> diff -Nru spamassassin-3.3.1/debian/changelog
> >> spamassassin-3.3.1/debian/changelog
> >> --- spamassassin-3.3.1/debian/changelog	2013-03-12 08:06:16.000000000
> >> -0700
> >> +++ spamassassin-3.3.1/debian/changelog	2015-01-31 22:51:43.000000000
> >> -0800
> >> @@ -1,3 +1,11 @@
> >> +spamassassin (3.3.1-1.2) squeeze-lts; urgency=medium
> >> +
> >> +  * Export perl_version to rules. (Closes: 771408)
> >
> > Based on my reading of that bug report, it is not an appropriate bug to be
> > addressed in a security update.
> 
> So, is the "LTS" only for security updates, and, not for fixing
> software problems?

The criteria for LTS updates are (roughly) the same as for stable updates:
security problems, and *major* regressions.  The main differences, so far,
are a few more things on the EoL list (mostly because of lack of support
from upstreams due to advancing age), a restricted set of build
architectures, and no hardware support updates in the kernel.

In the particular case at issue, I misspoke by saying "security update",
however the substantive portion of my statement stands: exporting
perl_version to the rules parser is not, IMO, an appropriate change for an
LTS upload.

- Matt