Re: wanna-build only knows about older versions?

To: debian-release@lists.debian.org, debian-admin@lists.debian.org, leader@debian.org, team@security.debian.org
Subject: Re: wanna-build only knows about older versions?
From: Steve McIntyre <steve@einval.com>
Date: Tue, 5 Jul 2005 10:39:21 +0100
Message-id: <[🔎] 20050705093921.GA24428@einval.com>
In-reply-to: <[🔎] 20050705062516.GA12503@mauritius.dodds.net>
References: <20050704214855.GA19330@mauritius.dodds.net> <[🔎] 20050704231820.GI9591@mathom.us> <[🔎] 20050704232513.GK9591@mathom.us> <20050704214855.GA19330@mauritius.dodds.net> <[🔎] 20050704231820.GI9591@mathom.us> <[🔎] 20050705062516.GA12503@mauritius.dodds.net>

On Mon, Jul 04, 2005 at 11:25:16PM -0700, Steve Langasek wrote:
>On Mon, Jul 04, 2005 at 07:18:20PM -0400, Michael Stone wrote:
>> Ok, let's say wanna-build is ok.
>
>I'm not really willing to presume that it is; my preceding question was
>intended to establish *whether* it was.  Besides the fact that blogging
>about this stuff (apparently *instead* of talking to the involved parties in
>some cases) with comments like "Debian Security still broken" is bad for
>morale and far more damaging to Debian's reputation than the circumstances
>would actually seem to warrant (given that if arm is really the only issue
>with sarge right now, this is obviously not the first time arm's been a
>problem, and no one thought a media shitstorm was a good idea until this
>round!), these blog entries sure don't give *me* enough information to try
>to be useful.
>
>> Let's say everything is ok (I don't know enough about the buildd structure
>> to claim otherwise). WTF is up then?[1] I've already released two DSA's
>> without arm, and have 3 more pending.
>
>I'd love to know.  Wanna-build seems to think that sudo was built fine on
>arm, and uploaded.  I have no way to know from here if the arm .deb visible
>now on security.debian.org is the same one, or if someone hand-built that.
>This seems to have only happened today, so of course it's not in the DSA
>released on the 1 July.  There are a few other packages listed by
>wanna-build as "Installed" on arm for stable-security; that includes ht,
>qpopper, and a couple that don't appear to have corresponding DSAs yet.  I
>can confirm those for you off-list if you want.

Hmmm. I'm not sure whether it may be the cause of some of the issues
here, but I've just noticed that the system clock on toffee was ~6
days behind where it should be. I've just fixed that, and fixed the
NTP config so it shouldn't happen again. Checking the logs, I can see
that sudo was built successfully on it on what it thought was the 25th
June (i.e. 1st July). A couple of other sarge-security builds also
look successful on that same day.

This clock skew would explain the daft timestamps that Michael
saw. I'm not 100% sure what else is going on with security builds -
toffee is currently building unstable packages, and doesn't seem to
have touched security in several days.

-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
You lock the door
And throw away the key
There's someone in my head but it's not me

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Re: wanna-build only knows about older versions?
  - From: Michael Stone <mstone@debian.org>
- Re: wanna-build only knows about older versions?
  - From: Michael Stone <mstone@debian.org>
- Re: wanna-build only knows about older versions?
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: wanna-build only knows about older versions?
Next by Date: Re: wanna-build only knows about older versions?
Previous by thread: Re: wanna-build only knows about older versions?
Next by thread: Re: wanna-build only knows about older versions?
Index(es):
- Date
- Thread