Bug#1070998: bookworm-pu: package fossil/2.24-5~deb11u1

To: Bastien Roucariès <rouca@debian.org>, 1070998@bugs.debian.org
Cc: "Barak A. Pearlmutter" <barak@cs.nuim.ie>
Subject: Bug#1070998: bookworm-pu: package fossil/2.24-5~deb11u1
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 25 May 2024 21:01:46 +0200
Message-id: <[🔎] ZlI1mu-ffG8TjCuN@eldamar.lan>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1070998@bugs.debian.org
In-reply-to: <[🔎] 1927977.BqyohSTcPB@portable-bastien>
References: <[🔎] 1927977.BqyohSTcPB@portable-bastien> <[🔎] 1927977.BqyohSTcPB@portable-bastien>

Hi Bastien,

On Sun, May 12, 2024 at 05:47:31PM +0000, Bastien Roucariès wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bookworm
> X-Debbugs-Cc: fossil@packages.debian.org
> Control: affects -1 + src:fossil
> User: release.debian.org@packages.debian.org
> Usertags: pu
> 
> this bug was opened by previous arrangement with maintainer.
> 
> [ Reason ]
> fossil is affected by a regression due to a security update of apache
> CVE-2024-24795. Backport was choosen
> because upstream does not document all commit needed for fixing the regression.

Disclaimer, not SRM so this is not an authoritative answer.

But that means that as well packaing changes beween 1:2.21-1 and the
proposed one are included. Are all of those allowed to be done or
should you individually revert some changes?

E.g. there is 

  * Bump policy
  * Build depend on pkgconfig instead of obsolete pkg-config
and
  * Oops, typo: pkgconf

which might indeed be fine. But should defintitively be checked.

Regards,
Salvatore

Reply to:

References:
- Bug#1070998: bookworm-pu: package fossil/2.24-5~deb11u1
  - From: Bastien Roucariès <rouca@debian.org>

Prev by Date: Bug#1069891: bookworm-pu: package ansible/7.7.0+dfsg-3+deb12u1
Next by Date: Uploading linux (6.8.11-1)
Previous by thread: Bug#1070998: bookworm-pu: package fossil/2.24-5~deb11u1
Next by thread: Re: Accepted libcxx-serial 1.2.1-6 (source) into testing-proposed-updates
Index(es):
- Date
- Thread