Bug#991366: marked as done (nmu: varnish-modules_0.16.0-2.1)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Fri, 23 Jul 2021 11:53:45 +0200
with message-id <CAM8zJQtOjhnDpTV+pVkP6hab3Yji_XuEHSXD9hh8eEJN2ep=OQ@mail.gmail.com>
and subject line Re: Bug#991366: nmu: varnish-modules_0.16.0-2.1
has caused the Debian Bug report #991366,
regarding nmu: varnish-modules_0.16.0-2.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
991366: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991366
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: nmu: varnish-modules_0.16.0-2.1
• From: Stig Sandbeck Mathisen <ssm@debian.org>
• Date: Wed, 21 Jul 2021 17:48:52 +0200
• Message-id: <[🔎] 162688253276.38455.4856039455927504408.reportbug@turbotape.home.fnord.no>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: binnmu

Hello,

Please do a BinNMU of "varnish-modules" to ensure that the "varnish" security
fix can migrate to testing.

Background: After upgrading "varnish" from 6.5.1 to 6.5.2, the module
"bodyaccess" in this package fails to load, which was discovered with
autopkgtest. The "bodyaccess" module has a stricter dependency on the Varnish
version than the dependency declared in the "varnish-modules" package.

Getting the correct dependency into "varnish-modules" is tracked in
https://bugs.debian.org/991348, but a rebuild of "varnish-modules" against the
new varnish package may be a faster fix due to the freeze.

nmu varnish-modules_0.16.0-2.1 . ANY . unstable . -m "rebuild against new varnish"

--- End Message ---

--- Begin Message ---

• To: Stig Sandbeck Mathisen <ssm@debian.org>, 991366-done@bugs.debian.org
• Cc: Adrian Bunk <bunk@debian.org>
• Subject: Re: Bug#991366: nmu: varnish-modules_0.16.0-2.1
• From: Graham Inggs <ginggs@debian.org>
• Date: Fri, 23 Jul 2021 11:53:45 +0200
• Message-id: <CAM8zJQtOjhnDpTV+pVkP6hab3Yji_XuEHSXD9hh8eEJN2ep=OQ@mail.gmail.com>
• In-reply-to: <[🔎] 87sg05wj4b.fsf@turbotape.home.fnord.no>
• References: <[🔎] 162688253276.38455.4856039455927504408.reportbug@turbotape.home.fnord.no> <[🔎] 20210723075835.GA6431@localhost> <[🔎] 87sg05wj4b.fsf@turbotape.home.fnord.no>

Hi

On Fri, 23 Jul 2021 at 10:18, Stig Sandbeck Mathisen <ssm@debian.org> wrote:
>
> Adrian Bunk <bunk@debian.org> writes:
>
> > I am not a member of the release team, but shouldn't #991348 be a
> > release critical bug in any case?
> >
> > An security update of varnish after bullseye became stable could cause
> > to same problem, breaking production systems of our users.
>
> [...]
>
> > Doing first an NMU and then the proper fix of varnish-modules for
> > bullseye is not faster than doing the proper fix for varnish-modules
> > right away.

Thanks, Adrian!  Closing this bug then.

> Good points, I'll adjust the severity of #991348, do a proper update and
> request an unblock. Thanks for the feedback.

Great!  I think just attach the varnish-modules debdiff to the varnish
unblock bug, #991122, then we have everything in one place.
I think varnish may need a new upload with a Breaks: varnish-modules
(<< the fixed version).

Regards
Graham

--- End Message ---