Re: Security update for ‘burn’ package

To: Ben Finney <ben+debian@benfinney.id.au>
Cc: debian-release@lists.debian.org
Subject: Re: Security update for ‘burn’ package
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 26 Aug 2009 21:01:30 +0100
Message-id: <[🔎] 1251316890.3290.2149.camel@kaa.jungle.aubergine.my-net-space.net>
In-reply-to: <[🔎] 87fxbffmr2.fsf@benfinney.id.au>
References: <[🔎] 20090823055734.GJ5164@benfinney.id.au> <[🔎] 1251223613.2142.437.camel@kaa.jungle.aubergine.my-net-space.net> <[🔎] 87fxbffmr2.fsf@benfinney.id.au>

On Wed, 2009-08-26 at 10:21 +1000, Ben Finney wrote:
> "Adam D. Barratt" <adam@adam-barratt.org.uk> writes:
> 
> > On Sun, 2009-08-23 at 15:57 +1000, Ben Finney wrote:
> > In either case, the answer is yes - uploads to any Debian archive must
> > be signed by a key in the Debian keyring.
> 
> Okay. So I should seek a sponsor in the ‘debian-mentors’ forum for the
> update into ‘stable’? Or should that be done here on the
> ‘debian-release’ forum?

For any stable upload which requires sponsorship, you should look for
that wherever you would for any other upload, be that debian-mentors or
elsewhere.

> > One quick query about the debdiff; apologies if I'm missing something,
> > but this hunk looks like a functionality change, rather than a strict
> > replacement:
> >
> > +-              if path_excluded:
> > +-                      iso.mkisofs_line_append(path_excluded + ' ')
> > ++              for path_excluded in paths_excluded:
> > ++                      iso.mkisofs_args.extend(["-x", path_excluded])
> 
> Thanks for asking. This change is necessary to go from invoking a shell
> with a single command-line string, to invoking a list of command-line
> arguments to be executed directly.
[...]
> This is a backport of the same approach from the version in ‘unstable’.

Ah, yes, I missed that on my first skim through the diff due to the
horrible indent level. :-/

Looking through the diff again, there are a lot of changes which don't
appear to be required and make the diff harder to review; one of the
principles of stable updates is that diffs should be minimal wherever
possible.

Please could you prepare and send an updated diff which does not include
the removal of old commented out code and the removal of functions from
"import" lines where the code is no longer used?  In general, code
tidy-up is obviously a good thing, but it's not really appropriate for a
stable update.  The change to burn-configure should definitely not be
included, as it only contains tidy-ups.

Apologies for not having spotted / mentioned that earlier.

Regards,

Adam

Reply to:

Follow-Ups:
- Re: Security update for ‘burn’ package
  - From: Ben Finney <ben+debian@benfinney.id.au>

References:
- Security update for ‘burn’ package
  - From: Ben Finney <ben+debian@benfinney.id.au>
- Re: Security update for ‘burn’ package
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Re: Security update for ‘burn’ package
  - From: Ben Finney <ben+debian@benfinney.id.au>

Prev by Date: Re: [SRM] spamassassin 3.2.5-2+lenny1
Next by Date: Re: [SRM] spamassassin 3.2.5-2+lenny1
Previous by thread: Re: Security update for ‘burn’ package
Next by thread: Re: Security update for ‘burn’ package
Index(es):
- Date
- Thread