Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4

To: Michael Gilbert <mgilbert@debian.org>, 704566@bugs.debian.org
Subject: Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4
From: Jonathan Wiltshire <jmw@debian.org>
Date: Mon, 8 Apr 2013 23:42:44 +0100
Message-id: <[🔎] 20130408224244.GO11842@ernie.home.powdarrmonkey.net>
Reply-to: Jonathan Wiltshire <jmw@debian.org>, 704566@bugs.debian.org
In-reply-to: <[🔎] CANTw=MP7hhqrkriJ3km2JMieCM5czfuvEbbzLTyOXcGhcc1+6A@mail.gmail.com>
References: <[🔎] CANTw=MPbqvxYNjbcsWY7ThAOS2Dm-_Pf7g3tRvskQeU7f6sBgg@mail.gmail.com> <[🔎] 20130403174754.GD11842@ernie.home.powdarrmonkey.net> <[🔎] CANTw=MP7hhqrkriJ3km2JMieCM5czfuvEbbzLTyOXcGhcc1+6A@mail.gmail.com>

(sorry for the delay, which was to avoid a rash reply)
(quotes have been re-ordered)

On Wed, Apr 03, 2013 at 08:12:15PM -0400, Michael Gilbert wrote:
> On Wed, Apr 3, 2013 at 1:47 PM, Jonathan Wiltshire wrote:
> > On Tue, Apr 02, 2013 at 09:07:44PM -0400, Michael Gilbert wrote:
> >> Please unblock package isc-dhcp
> >>
> >> This upload fixes a security issue in the embedded bind library.  It's
> >> a bit large due to the addition of a secondary patch system for
> >> patching bind issues.  Please see attached patch.
> >>
> >> unblock isc-dhcp/4.2.2.dfsg.1-5+deb70u4
> >
> > Nack with the patch system change. You can upload without it if you like.
> >

> Anyway, adding the secondary bind patching system is actually not
> unrelated to the bug being fixed.  It is the sanest solution of 3 ugly
> possibilities:
> 
> 1.  Add the separate bind patching system
> 2.  Extract bind.tar.gz (adding probably around 300,000 lines to the
> diff) and use the existing patching system

Thank you, that is the missing explanation that would have saved a round
trip mail.

You are right that the first option is the better. However, I discussed it
with Adam and we'd prefer the direct use of "patch" rather than added
build-dependencies at this point. You get patch for free because dpkg-dev
depends on it.

Feel free to upload a version with that change and assuming d-i are also
happy (hey kibi) one of us will unblock it.

Now the more delicate part of my mail, which I hope you will take in the
right spirit and not amiss:

> 3.  Avoid release team dogma and do the right thing with a DSA after
> the release.

Frankly I'm a bit disappointed that you would even threaten such an action,
though perhaps you didn't intend this quite how it sounded.

> > http://release.debian.org/wheezy/freeze_policy.html
> 
> So, yeah I'm of course aware of the freeze policy by now...

With respect we are not psychic and your original request gave no clue that
your upload had a good reason to *not* fit the freeze criteria. Spelling it
out (by all means do it painfully so) avoids much wailing and gnashing of
teeth.

Please work with us, and don't assume that we're being deliberately awkward
for our own amusement.

Thanks,

-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4
  - From: Michael Gilbert <mgilbert@debian.org>

References:
- Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4
  - From: Michael Gilbert <mgilbert@debian.org>
- Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4
  - From: Jonathan Wiltshire <jmw@debian.org>
- Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4
  - From: Michael Gilbert <mgilbert@debian.org>

Prev by Date: Bug#699492: unblock bacula-doc/5.2.6-2
Next by Date: Bug#704667: marked as done (unblock: xgks/2.6.1+dfsg.1-1)
Previous by thread: Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4
Next by thread: Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4
Index(es):
- Date
- Thread