control: retitle -1 bullseye-pu: package debian-security-support/1:11+2023.12.11
thanks
hi,
I've updated this update request for adding 3 more lines to
security-support-ended.deb11 (and updating d/changelog)
On Wed, Oct 18, 2023 at 04:46:44PM -0300, Santiago Ruano Rincón wrote:
> [ Reason ]
> The reasons for this proposed update are:
> * Fix two bugs already solved in bookworm (#986581 and #986333)
> * Include samba in the list of packages with limited support (#1053109).
>
> Currently, because of #986581 and #986333, d-d-s's check-support-status
> silently ignores "golang*" packages, so users don't get any warning
> about their limited support status.
now also to add these 3 lines to security-support-ended.deb11:
tor 0.4.5.16-1 2023-11-22 https://lists.debian.org/debian-security-announce/2023/msg00258.html
consul 1.8.7+dfsg1-2 2023-12-04 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057418
xen 4.14.5+94-ge49571868d-1 2023-09-30 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053246
> [ Impact ]
> Bullseye users will continue to don't get any warning about the limited
> support regarding the golang.* packages installed in their systems.
>
> As for the samba-related change, without the upload, users will lose a
> change to get informed about its security support situation.
>
> [ Tests ]
> The changes include tests to verify #986581 and #986333 have been fixed.
> I have also manually verified on a bullseye container how the current
> and the proposed packages behave, and I can confirm the issues are
> fixed, and I didn't identify any regression.
>
> [ Risks ]
> The relevant code has been included in bookworm since its release. They
> were fully included in 1:12+2021.09.30:
> https://tracker.debian.org/news/1263114/accepted-debian-security-support-11220210930-source-into-unstable/
>
> The only difference in check-suppor-status.in between the proposed
> update and bookworm is:
>
> git diff HEAD bookworm -- check-support-status.in
> diff --git a/check-support-status.in b/check-support-status.in
> index 3ebf5e9..86b080a 100755
> --- a/check-support-status.in
> +++ b/check-support-status.in
> @@ -13,7 +13,7 @@ VERSION='[% VERSION %]'
> # Oldest Debian version included in debian-security-support
> DEB_LOWEST_VER_ID=9
> # Version ID for next Debian stable
> -DEB_NEXT_VER_ID=12
> +DEB_NEXT_VER_ID=13
>
> if [ -z "$DEBIAN_VERSION" ] ; then
> DEBIAN_VERSION="$(cat /etc/debian_version | grep '[0-9.]' | cut -d. -f1)"
>
> So the risk of regression is miminum.
>
>
> Regarding the change of adding samba in the list of packages with
> limited support. That doesn't represent any risk.
>
> [ Checklist ]
> [x] *all* changes are documented in the d/changelog
> [x] I reviewed all changes and I approve them
> [x] attach debdiff against the package in (old)stable
> [x] the issue is verified as fixed in unstable
>
> [ Changes ]
>
> From d/changelog:
the full new changelog is:
debian-security-support (1:11+2023.12.11) UNRELEASED-bullseye; urgency=medium
[ Santiago Ruano Rincón ]
* Mark samba support limited to non-AD DC uses cases (Closes: #1053109)
* Drop version-based check (Closes: #986581) and update test suite
accordingly. Backport changes made by Sylvain Beucler.
* Match ecosystems with limited support, test case updated. (Closes: #986333)
Backport changes by Sylvain Beucler.
* Use golang.* (as regex) instead of golang* in security-support-limited
[ Salvatore Bonaccorso ]
* Add tor to security-support-ended.deb11 Closes: #1056606.
[ Moritz Muehlenhoff ]
* Mark Consul as EOLed in Bullseye. Closes: #1057418.
* Mark Xen as EOLed in Bullseye. Closes: #1053246.
-- Santiago Ruano Rincón <santiago@freexian.com> Tue, 17 Oct 2023 13:08:20 -0300
I haven't uploaded this yet but everything is ready in a git branch.
Thanks!
--
cheers,
Holger
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org
⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
⠈⠳⣄
Be careful when you follow the masses. Sometimes the "m" is silent.
Attachment:
signature.asc
Description: PGP signature