Re: [SRM] proposed update backuppc for squeeze
On Wed, January 11, 2012 21:38, Adam D. Barratt wrote:
> On Wed, 2012-01-11 at 20:39 +0100, Thijs Kinkhorst wrote:
>> I propose attached NMU for backuppc for squeeze. This is meant to
>> address
>> #654692, a bug where backuppc produces corrupted tarballs. For me this
>> data corruption is important enough to want to fix it in squeeze.
>>
>> The bug was introduced in a Debian-specific patch, and
>> oldstable/testing/unstable are not affected.
>>
>> I've taken the opportunity to include a "no-DSA" XSS fix.
>
> Given that the affected logging code was apparently removed in the
> upload immediately following that in Squeeze and the other issues are
> fixed in unstable, I'd be happy for you to go ahead with this upload;
> thanks.
OK, will do.
> However, the version information for the logging-related bugs, to be
> candid, sucks. Firstly, please add a fixed version to #654692 (I assume
> "3.1.0-10" judging from the log). #558431's status is also rather
> confused. It appears that -10 was never uploaded directly to the
> archive and the upload including the fix didn't use -v, so the bug was
> never marked as fixed. I'm also somewhat confused as to why it's tagged
> "lenny" given that you indicated that oldstable doesn't include the
> affected code.
The tag "lenny" is a mistake for sure. I've removed that and added the
'fixed' versions 3.1.0-10 (fsvo 'fixed' - i.e. code removed).
> (As a side note, the "squeeze" tag on #654692 is also redundant. The
> affected version is only in stable, so BTS version tracking will do the
> right thing anyway, without the addition of any suite tags.)
I read in the documentation:
squeeze
[...]The bug also should not be archived until it is fixed in squeeze.
which seems applicable here.
Cheers,
Thijs
Reply to: