Bug#999509: bullseye-pu: package kodi/2:19.1+dfsg2-3~deb11u1
Control: tags -1 + confirmed
On Fri, 2021-11-12 at 06:32 +0000, Vasyl Gello wrote:
> Targeted fix for CVE-2021-42917
[...]
> One patch added to fix the vulnerability plus necessary
> changes in d/control, d/gbp.conf and d/changelog to make
> bullseye a separate branch
>
+kodi (2:19.1+dfsg2-3~deb11u1) bullseye-updates; urgency=medium
So far as I can tell, there was never a 2:19.1+dfsg2-3 package for this
to be a backport of, so the version should be 2:19.1+dfsg2-2+deb11u1.
The distribution should simply be "bullseye"; "bullseye-updates" is a
separate suite to which uploads are never directly made, and which is
not relevant in this case.
With those changes in mind, please go ahead.
> [ Other info ]
>
> I would like to get this in bullseye so that I can decouple the 19.4
> build in unstable
> from the requirement to keep the older versions of embedded
> libdvdnav, dvdread. Also
> keeping 19.4 compatible with bullseye prevents me from fixing other
> bugs involving
> changes in binary package contents (and introducing new binary
> packages, too).
Well, not having this fix in bullseye doesn't actually prevent you from
making other changes in unstable. Anyway, apologies for the delays in
dealing with the larger update; they tend to need more time and
involvement, particularly for packages that haven't had such updates
before, and for several reasons my Debian time has been limited
recently.
Regards,
Adam
Reply to: