[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#913674: Preparing p-u upload

Hi Adam,

> That's rather large for a regression fix.

Agreed. I had previously tried fixing the patch that broke Yubikey NEO
support, but I was unsuccessful. This is documented in #910786.

I can understand concerns about updating the upstream version; the only
other option I see would involve removing one if not all patches that
were added in opensc/0.16.0-3+deb9u1 -- and re-introducing CVE-worthy
bugs.

I had the impression that updating to a new upstream version was a done
deal. Quoting yourself
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913674#10):

,----
| Firstly, one needs to identify whether the same issue affects the
| package in unstable.
| 
| Once it's been confirmed that unstable is no{t, longer} affected,
| someone should produce a fixed package and open a p-u bug to document
| uploading that to proposed-updates.
`----

Part 1 is done: I can attest that the version in unstable (0.19.0-1) is
NOT affected by the Yubikey NEO issue.

Part 2 is also basically done, I was just asking for advice on what to
include in the changelog.

Cheers,
-Hilko
Reply to: