
Re: Supporting unbound in stretch by upgrading to 1.9

Raphael Hertzog wrote:
> On Tue, 19 Jan 2021, Robert Edmonds wrote:
> > There is an unfixed issue in Unbound 1.9.0 (#962459 / #973052) that
> > affects some users (I have not been able to reproduce it). Upstream has
> > invested some time in helping the Debian maintainers track down
> > potential combinations of commits from later releases that may be
> > related to the issue, but we were not able to produce a working,
> > targeted fix. I would prefer that 1.9.0 not be exposed to more Debian
> > users, especially a combination of stretch's libevent and buster's
> > unbound that AFAIK has not been tested before.
> Really what this means is that we need to fix unbound in buster before we
> can resurrect support in stretch.
> I have read the history of the two bugs and at this point I would suggest
> to create a package of the latest 1.9.x and ask the tester in #962459
> if that version fixes the issue, since we have not managed to cherry-pick
> a working set of commits.
> Then depending on the result, work with the release team to release
> that version in buster (or possibly 1.10 if really the last 1.9.x doesn't
> work reliably either).
> Concerning testing of unbound 1.9.x with the libevent 2.0 in stretch,
> well, we have LTS users of unbound so we can ask them to test the updated
> packages.

I would be OK with promoting an unbound package based on 1.9.6-2 (the
last 1.9.x package) to buster, if that's OK with the release team.
There were a lot of post-buster packaging changes in 1.9.x, though,
which IMO are not harmful for stable/oldstable. If the release team is
not amenable to that, the alternative would be to take the packaging
from buster's 1.9.0-2 and import the 1.9.6 upstream release, though I'm
not sure how we would version such a package. Maybe
1.9.0-2+deb10uX+really1.9.6, and then your backport to stretch would be

There is some precedent for updating the unbound package to a newer
upstream release in an already released Debian suite. Lenny was updated
from 1.0.2 to 1.4.6 due to (IIRC) upstream supportability issues in
stable and at the approval of the security team, and that was probably a
bigger jump in terms of upstream code changes than going from 1.9.0 to

Robert Edmonds
