Re: Refreshing mysql-connector-java

To: "Sylvain Beucler" <beuc@beuc.net>, "Debian LTS" <debian-lts@lists.debian.org>, "Debian Security Team" <team@security.debian.org>
Subject: Re: Refreshing mysql-connector-java
From: "Chris Lamb" <lamby@debian.org>
Date: Fri, 08 May 2020 10:39:15 +0100
Message-id: <[🔎] 2aabc7e9-bbf7-48ec-9f4f-9678d6a718a7@www.fastmail.com>
In-reply-to: <[🔎] a7c8207c-16ad-e327-d7a5-863864bfb5ef@beuc.net>
References: <[🔎] a7c8207c-16ad-e327-d7a5-863864bfb5ef@beuc.net>

Hi Sylvain et al.,

> The 3 recent vulnerabilities are an opportunity to refresh the package,
> so as not to have too big of a diff should a more critical vulnerability
> happen in the future.

No objections in theory but I am finding it difficult to gauge the
risk of introducing problems by refreshing this package without
knowing much about it.

(Do we have an idea of how big the debdiff would be for this initial
upload? Have we had issues in the past? Is there another metric we can
use?)


Best wishes,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org 🍥 chris-lamb.co.uk
       `-

Reply to:

Follow-Ups:
- Re: Refreshing mysql-connector-java
  - From: Sylvain Beucler <beuc@beuc.net>

References:
- Refreshing mysql-connector-java
  - From: Sylvain Beucler <beuc@beuc.net>

Prev by Date: Re: keystone support in Jessie
Next by Date: d-s-s in sync in stable, oldstable and oldoldstable (Re: keystone support in Jessie)
Previous by thread: Refreshing mysql-connector-java
Next by thread: Re: Refreshing mysql-connector-java
Index(es):
- Date
- Thread