Re: Bug#1074338: src:libxml2: fails to migrate to testing for too long: unresolved RC issue

To: 1074338@bugs.debian.org
Cc: debian-release@lists.debian.org
Subject: Re: Bug#1074338: src:libxml2: fails to migrate to testing for too long: unresolved RC issue
From: Paul Gevers <elbrus@debian.org>
Date: Sun, 14 Jul 2024 07:37:08 +0200
Message-id: <[🔎] bdb1d9fa-ca67-4254-bd22-101a6c76d5e0@debian.org>
In-reply-to: <CAMr=8w5O0dvBtyVy++NfXxSaKjQHrThFM12g3UNyRQWxsN12cw@mail.gmail.com>
References: <f8f8ebfe-c42b-4bc5-8c70-65abf0b1169b@debian.org> <CAMr=8w5O0dvBtyVy++NfXxSaKjQHrThFM12g3UNyRQWxsN12cw@mail.gmail.com>

Hi Aron,

On 28-06-2024 5:44 a.m., Aron Xu wrote:

Would like to know if such steps would help resolve the issue better:
  - revert to a previous version which does not have API/ABI breakage
  - apply/port security patches on a best effort basis
  - help upstream to check and fix API/ABI changes

I think all three would help, where the first one is the quickest one toget things moving again. Given the severity of the security issuementioned in the changelog I think you could even consider ignoring itemnumber two for now, but maybe you mean going forward.

Or do you have any recommendations?

There is the option to do a Debian specific SONAME bump, but if thebreak was not intended and might get reverted that's probably a badidea. And if the changes are here to stay, upstream should bump SONAMEthemselves.


Paul

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

Reply to:

Prev by Date: Bug#1072920: release.debian.org: force-skiptest debusine/0.3.2/riscv64
Next by Date: Bug#1072920: release.debian.org: force-skiptest debusine/0.3.2/riscv64
Previous by thread: Re: Coordingating/planning various golang transitions
Next by thread: Bug#1076325: transition: c-blosc2
Index(es):
- Date
- Thread