Bug#1040930: bullseye-pu: package ca-certificates-java/20190909+deb11u1

[Andreas Beckmann <anbe@debian.org>]

On 23/07/2023 15.01, Jonathan Wiltshire wrote:
> On Wed, Jul 12, 2023 at 04:11:04PM +0200, Andreas Beckmann wrote:
> > The bullseye-security upload of openjdk-17 broke the very fragile
> > assumption in ca-certificates-java that a jre can be used even
> > before it was configured for the first time.
> > As a result new installations of openjdk-17-jre-headless from
> > bullseye-security (or -pu) (and its circular dependency
> > ca-certificates-java from bookworm) will fail, #1039472, (but
> > upgrades seem to work fine, since the jre has been configured at
> > least once in the past).
>
> Please go ahead. Should it be published even before the next point release
> is scheduled?

Uploaded. As this only affects new installs (and a specific 
configuration order of the packages within the dependency loop) but not 
upgrades, this probably does not need to be pushed to bullseye-updates. 
AFAIK there haven't been any user bug reports about this issue, yet, 
since the breakage happened 4 weeks ago.

@doko: branch bullseye and signed tag are available in 
git@salsa.debian.org:anbe/ca-certificates-java.git

Andreas