Bug#1109993: bookworm-pu: package rsync/3.2.7-1+deb12u3
Control: tag -1 - moreinfo
Hello Jonathan,
On Mon, 28 Jul 2025 at 22:21, Jonathan Wiltshire <jmw@debian.org> wrote:
>
> This proposal does not fit the usual criteria for an update to the stable
> release. Why do the enhanced tests need adding *now* for hypothetical
> future security updates?
I thought increasing test coverage was within the scope of stable-pu
updates, is this not the case? I mean, this will make it easier to catch
regressions in stable uploads.
I might have misunderstood the question, but we want to add these tests to
bookworm in order to detect regressions in future updates to the rsync package
in bookworm. We've had a bad regression pushed to bookworm in January this
year as part of a CVE fix, that's the type of problem I'm trying to avoid from
happening, does this answer it?
The same changes are also part of Trixie already, but they won't catch any
problems in future bookworm uploads.
Maybe you're asking why not wait until the next upload of rsync to
bookworm in order to push this with it. If that's the question, I'd
prefer to do it now and not have to risk missing this in a future
upload, it makes the review simpler due to the smaller diff, and it
could also catch regressions introduced by rdeps (uploaded independently
of rsync).
Regards,
--
Samuel Henrique <samueloph>
Reply to: