On Tue, Sep 23, 2014 at 22:36:43 +0200, Moritz Mühlenhoff wrote: > On Sat, Sep 20, 2014 at 02:18:34PM +0200, Julien Cristau wrote: > > On Sat, Sep 20, 2014 at 12:53:54 +0200, Moritz Muehlenhoff wrote: > > > > > On Sat, Sep 20, 2014 at 10:45:00AM +0200, Julien Cristau wrote: > > > > On Wed, Sep 17, 2014 at 22:29:10 +0200, Moritz Muehlenhoff wrote: > > > > > > > > > Hi release team, > > > > > dpkg-buildflags was switched to the strong stack protector on > > > > > the 10th of August. Many security-sensitive packages have already > > > > > been uploaded to unstable since then and I'm tracking which are > > > > > missing. > > > > > > > > > > For the remaining ones I'd like to request binNMUs. Is that > > > > > ok with and when's the best time? Probably not to early before > > > > > the freeze since some maintainer uploads will follow anyway, > > > > > but also not to close to the freeze. Maybe mid-October? > > > > > > > > > I think if you have a list now, that would be fine. We can always give > > > > them low build priority to not monopolize the buildds. > > > > > > Ok, will send the latest list in a few days. Is a list of source > > > packages enough or do you need to current version in unstable as well? > > > > > A version would allow us to not do unnecessary rebuilds if there's been > > a new upload after you generated the list. But if it's painful for you > > to generate, it's not actually mandatory. > > ATM I only have a list of source packages, see below. I can whip up a script > to generate versions over the weekend, but since these packages haven't seen > an upload since August 10th, there's probably little overhead if one or two > would be built twice. > Sorry I didn't get to these quickly. Do you have an updated list and/or package versions? Otherwise I'll just go ahead with the original list. Cheers, Julien
Attachment:
signature.asc
Description: Digital signature