Re: Drop support for libqb?

To: debian-lts@lists.debian.org
Subject: Re: Drop support for libqb?
From: Roberto C. Sánchez <roberto@debian.org>
Date: Fri, 15 Nov 2019 15:48:01 -0500
Message-id: <[🔎] 20191115204801.GH8905@connexer.com>
Mail-followup-to: Roberto C. Sánchez <roberto@debian.org>, debian-lts@lists.debian.org
In-reply-to: <[🔎] 20191115204259.6pezf4twipgnlqv6@layer-acht.org>
References: <[🔎] 20191112171152.GB8262@connexer.com> <[🔎] be43cdc7-4376-d891-c6f6-e043e91e3503@debian.org> <[🔎] 20191113042846.GA13302@connexer.com> <[🔎] 0ad05ca6-d8b0-8b63-3838-41466d2d7542@debian.org> <[🔎] 20191113132455.GA8905@connexer.com> <[🔎] 20191114171903.4olicguet67o44vd@layer-acht.org> <[🔎] 20191114183126.GA4524@connexer.com> <[🔎] 20191114185145.GB4524@connexer.com> <[🔎] 20191115204259.6pezf4twipgnlqv6@layer-acht.org>

On Fri, Nov 15, 2019 at 08:42:59PM +0000, Holger Levsen wrote:
> On Thu, Nov 14, 2019 at 01:51:46PM -0500, Roberto C. Sánchez wrote:
> > > I had not yet seen this message so I already submitted a MR.  Should I
> > > close that and make a direct commit?
> 
> I believe you did this now, but in any case: yes, please.
> 
Yes, that is done.

> > - Any feedback on this proposed DLA text?
> 
> a.) very cool!
> 
> > Package        : debian-security-support
> > Version        : 2019.11.15~deb8u1
> > 
> > 
> > debian-security-support, the Debian security support coverage checker,
> > has been updated in jessie.
> > 
> > This marks the end of life of the libqb package in jessie.  A recently
> > reported vulnerability against libqb which allows users to overwrite
> > arbitrary files via a symlink attack cannot be adequately addressed in
> > libqb in jessie.  Upstream no longer supports this version and no
> > packages in jessie depend upon libqb, thus making it a leaf package.
> 
> b.) I would drop the 'thus making it a leaf package.' half-sentence and
>     it conveys no relevant information.
> 

I have updated my draft.  When I upload to jessie a bit later on tonight
I will release the DLA with the updated wording.

> & thanks again for taking care of the d-s-s upload!
> 
My pleasure.

Regards,

-Roberto

-- 
Roberto C. Sánchez

Reply to:

References:
- Drop support for libqb?
  - From: Roberto C. Sánchez <roberto@debian.org>
- Re: Drop support for libqb?
  - From: Markus Koschany <apo@debian.org>
- Re: Drop support for libqb?
  - From: Roberto C. Sánchez <roberto@debian.org>
- Re: Drop support for libqb?
  - From: Markus Koschany <apo@debian.org>
- Re: Drop support for libqb?
  - From: Roberto C. Sánchez <roberto@debian.org>
- Re: Drop support for libqb?
  - From: Holger Levsen <holger@layer-acht.org>
- Re: Drop support for libqb?
  - From: Roberto C. Sánchez <roberto@debian.org>
- Re: Drop support for libqb?
  - From: Roberto C. Sánchez <roberto@debian.org>
- Re: Drop support for libqb?
  - From: Holger Levsen <holger@layer-acht.org>

Prev by Date: Re: automatically strip no-dsa tags by gen-DLA
Next by Date: Re: Drop support for libqb?
Previous by thread: Re: Drop support for libqb?
Next by thread: Re: Drop support for libqb?
Index(es):
- Date
- Thread