[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Preparation of the next stable Debian GNU/Linux update (I)

On Fri, 15 Sep 2006 00:45:35 +0200
Martin Zobel-Helas <zobel@ftbfs.de> wrote:

> Preparation of Debian GNU/Linux 3.1r4
> =====================================
> An up-to-date version is at <http://release.debian.org/stable/3.1/3.1r4/>.
> We are preparing the next revision of the current stable Debian
> distribution (sarge) and will frequently send reports so people can
> actually comment on it and intervene whenever this is required.
> If you disagree with one bit or another, please reply to this mail and
> explain why these things should be handled differently.  
> The overall plan is to release a new update of the stable Debian
> distribution roughly two months after the last update or after the
> initial release, whichever is suitable.  The next revision of stable
> should therefore be released at October, 16th.
> An ftpmaster still has to give the final approval for each package
> since ftpmasters are responsible for the archive.  However, we are
> trying to make their work as easy as possible in hope to get the next
> revision out properly and without any hassle.
> The regulations for updates to the stable Debian release are quite
> conservative.
> The requirements for packages to get updated in stable are:
>  1. The package fixes a security problem.  An advisory by our own
>     Security Team is required.  Updates need to be approved by the
>     Security Team.
>  2. The package fixes a critical bug which can lead to data loss,
>     data corruption, or an overly broken system, or the package is
>     broken or not usable (anymore).
>  3. The stable version of the package is not installable at all due to
>     broken or unmet dependencies or broken installation scripts.
>  4. All released architectures have to be in sync.
>  5. The package gets all released architectures back in sync.
> It is (or (and (or 1 2 3) 4) 5)
> Regular bugs and upgrade problems don't get fixed in new revisions for
> the stable distribution.  They should instead be documented in the
> Release Notes which are maintained by Rob Bradford
> <mailto:robster@debian.org> and are found at
> <http://www.debian.org/releases/sarge/releasenotes>.
> Packages which will most probably be rejected:
>   . Packages that fix non-critical bugs.
>   . Misplaced uploads, i.e. packages that were uploaded to 'stable
>     unstable' or `frozen unstable' or similar.
>   . Packages for which its binary packages are out of sync with regard
>     to all supported architectures in the stable distribution.
>   . Binary packages for which the source got lost somehow.
>   . Packages that fix an unusable minor part of a package.
> If you would like to get a package updated in the stable release, you
> are advised to talk to the stable release managers first (see
> <http://www.debian.org/intro/organization>).


What about #375494 and #377047, those are security bugs in the current stable distribution (Sarge) and according to the Security Team it didn't warrant an upload. Although it has a CVE so I think it's worth an upload to stable.

What do you think ?


Matthijs Mohlmann

Attachment: signature.asc
Description: PGP signature

Reply to: