Re: testing security uploads to trixie-security
- To: Emilio Pozuelo Monfort <pochu@debian.org>
- Cc: Moritz Mühlenhoff <jmm@inutil.org>, Paul Gevers <elbrus@debian.org>, Debian Security Team <team@security.debian.org>, debian-release <debian-release@lists.debian.org>, Debian FTP Masters <ftpmaster@ftp-master.debian.org>, Ansgar Burchardt <ansgar@debian.org>, Thorsten Alteholz <alteholz@debian.org>
- Subject: Re: testing security uploads to trixie-security
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Mon, 16 Jun 2025 08:05:30 +0200
- Message-id: <[🔎] aE-0KnsMVyB6RcsN@eldamar.lan>
- Mail-followup-to: Emilio Pozuelo Monfort <pochu@debian.org>, Moritz Mühlenhoff <jmm@inutil.org>, Paul Gevers <elbrus@debian.org>, Debian Security Team <team@security.debian.org>, debian-release <debian-release@lists.debian.org>, Debian FTP Masters <ftpmaster@ftp-master.debian.org>, Ansgar Burchardt <ansgar@debian.org>, Thorsten Alteholz <alteholz@debian.org>
- In-reply-to: <[🔎] 1e6e47bc-df16-42ec-8d78-b9a95cc2e37e@debian.org>
- References: <[🔎] fc3bce91-2cbe-44fc-a170-006812a27ef4@debian.org> <aENepl9i4OV-IgOb@inutil.org> <[🔎] aEPb_Z5OPFjIwzWs@eldamar.lan> <[🔎] 1e6e47bc-df16-42ec-8d78-b9a95cc2e37e@debian.org>
Hi Emili, hi Paul,
On Sat, Jun 07, 2025 at 11:48:36AM +0200, Emilio Pozuelo Monfort wrote:
> On 07/06/2025 08:28, Salvatore Bonaccorso wrote:
> > Hi
> > On Fri, Jun 06, 2025 at 09:33:26PM +0000, Moritz Mühlenhoff wrote:
> > > On Fri, Jun 06, 2025 at 09:20:12PM +0200, Paul Gevers wrote:
> > > > Dear security team,
> > > >
> > > > Like last cycle [1] I'm asking you to test that the next security suite is
> > > > working as intended. In our checklist [2] it's mentioned to coordinate with
> > > > you an upload to trixie-security to confirm the build happens as expected.
> > > > The checklist goes on to suggest a check that also a package needing signing
> > > > works.
> > > >
> > > > During the last cycle some issues were found, one being that the archive
> > > > didn't allow uploads (IIUC). Maybe it's worth checking by ftp-master ahead
> > > > of time if that's the case now too (hence the CC).
> > > >
> > > > Paul
> > > >
> > > > [1] https://lists.debian.org/debian-release/2023/03/msg00072.html
> > > > [2]
> > > > https://wiki.debian.org/Teams/ReleaseTeam/ReleaseCheckList/TrixieCheckList
> > >
> > > Sure! If the dak infrastructre is ready, I can prepare a trixie-security upload
> > > for the open issues in src:libcoap3.
> >
> > Alternative proposal if we want as well the testing of the signing
> > service: I have a 6.12.32-1 pending next, how about uploading the
> > "noop" linux/6.12.31-1 for trixie-security < 6.12.32-1 unstable/trixie
> > and let all the part checking?
>
> Sounds good.
This testing has now been done and an intermediaary 6.12.31-1 linux
upload just landed in trixie-security (which should be soon be
overriden by the 6.12.32-1 one migrating to testing).
There were some problems on the way (trixie-security not allowing
source only uploads, a problem with the riscv64 uploads) and I would
like to thanks from heart in particular Ansgar for his work on
ftp-master side on dak, for preparing and fixing the missing bits.
As well Aurelien for fixing the buildd side for riscv64 uploads for
trixie-security.
Regards,
Salvatore
Reply to: