[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: nss security update package ready for review

On 2016-11-30 16:17:50, Ola Lundqvist wrote:
> Hi Antoine
> I do not find it strange (as I was one of the two that did it). You
> are supposed to keep the changelog as far as I know. I mirrored the
> changes in stable/jessie. I never checked the unstable version (I do
> not think I did at least).

I did not find the wheezy update specifically strange, i found the
*stable* update strange: what you did was normal, you reused the update
from stable.

I find it strange that the stable backport was not simply importing the
package from testing, and is instead an hybrid between testing and

> However the resulting package was the same (as jessie at least) as I
> copied most of the changes from there. The only thing that was kept
> was the changelog and some minor things.
> The reason why the test suite is not run during build is that some
> tests failed. They were not essential for nss to work, but they failed
> the build.

Did the test suite pass before the update? That seems like a rather
serious problem: it makes maintenance of the package much harder in the
long term because now we do not know if we have a regression.

> I agree with you that it is better to update to the later version if
> this is just an upstream bugfix release.


By the way, in my previous message I refer to nss 2.26*, I obviously
meant nss 3.26*.


Never be deceived that the rich will allow you to vote away their wealth.
                        - Lucy Parsons

Reply to: