Re: [Fwd: Re: Tomb package 2.5 > 2.6]

To: Sven Geuer <debmaint@g-e-u-e-r.de>
Cc: Debian Security Tools Packaging Team <debian-security-tools@lists.debian.org>, Dmitry Elmanov <delmanov@gmail.com>
Subject: Re: [Fwd: Re: Tomb package 2.5 > 2.6]
From: SZ Lin (林上智) <szlin@debian.org>
Date: Sat, 5 Oct 2019 20:43:26 +0800
Message-id: <[🔎] CAFk6z8N8-oWFL7DzCfS8S3nZMf0P+1KcpA6UWXG+W0_fH9Tofw@mail.gmail.com>
In-reply-to: <[🔎] e38213389954477b2a51e7dac78ecc47a7cd2b2a.camel@g-e-u-e-r.de>
References: <1698865211.20191003141122@gmail.com> <[🔎] e38213389954477b2a51e7dac78ecc47a7cd2b2a.camel@g-e-u-e-r.de>

Hi Sven,

Sven Geuer <debmaint@g-e-u-e-r.de> 於 2019年10月4日 週五 上午3:12寫道：
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Hi Team,
>
> I received a request to bring tomb 2.6 to buster (see forwarded mail
> below). I believe backports is the way to go. Do you agree?

I've skimmed the commits between 2.5 and 2.6, and many commits are
not related to security fixes. Therefore, I think buster-backport is more
suitable for this case if you want to use tomb 2.6 in Debian 10.

Moreover, if there is any specific security issue (e.g., CVE) need to be fixed,
the buster-security is the way.

SZ

>
> @Dmitry: I'm not sure why you consider tomb 2.6 a security update.
> Anyway, to emphasize your request I suggest you open up a whishlist bug
> against tomb.
>
> Sven
>
> - -------- Weitergeleitete Nachricht --------
> Von: Dmitry Elmanov <delmanov@gmail.com>
> An: Sven Geuer <debmaint@g-e-u-e-r.de>
> Betreff: Re: Tomb package 2.5 > 2.6
> Datum: Thu, 3 Oct 2019 14:11:22 +0300
>
> > Dear Sven
> >
> > Tomb 2.6 safely settled in the Testing. Thank you.
> > In my opinion, there are all signs that version 2.6
> > is a "security update", and therefore may come to
> > a stable branch. Is it possible? Or backports...?
> >
> > Best regards,
> > Dmitry Elmanov
> >
> > >
> -----BEGIN PGP SIGNATURE-----
>
> iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl2WRakACgkQrfUO2vit
> 1YWS7g/9HoeQkkz14koe0iBfC6pqDFxgkLyFcdB4GOUF6eu3A6kHdSsfYDj4g33F
> kUwANU2aZ3ep3plkb6bS5SmpDRt3g1Mwvd+za0rlQNyEu2lnbqOUZKEqpcRg4xl7
> BLkbevYeDCc36WOg2GgxtaQ0+PBeVTl0k19jeQgP0CIHcwKDGt3wkjS89NAsanqn
> IICiP3sLN3yFWtpPiK6KkUrQ0P2hCU7xDSdutKxNw0uRLzGL7iemX8vmD+SzjCDe
> QtZaY2HW3lrMPcPjWgbmj90y4wsufuEWduKGJSl0XWXDX/vhGQLBFOJMCb2C19lV
> kASTBzcldhxLakqeOkW4GomS2GajO1TQ//mY8P2/KIYjlIxEmt8XUxWjm3CU/F+O
> khPrC8ZNZ6eW+kf+Xw7suKKnTirSI5MvWKtnJRklh/ufVXlEY5ALAz/enesKQ6jx
> bMz4FwMM1amvc5qlsKOlFHMLUuDP2KxmHvcum5aZnbs0M5VLETviRKcRSrOWh9Yh
> YkB/scyHS0CYHDgOr1umpEeV7XcQSmlOpx6/yb3m4UrVnSMeCHCZI5tjSb43NFo2
> yb3gjduPCsXJ0/Snpyw7MXeKemtFV4RJXp20StKokAB+bjyDVkhILDLTaay/Iw5t
> FvZPz0+s4NY8f547dRpofbjVdPbnulFlNP8Fgu2FN+oZr4b2NXM=
> =a+4B
> -----END PGP SIGNATURE-----
>

Reply to:

Follow-Ups:
- Re: [Fwd: Re: Tomb package 2.5 > 2.6]
  - From: Sven Geuer <debmaint@g-e-u-e-r.de>

References:
- [Fwd: Re: Tomb package 2.5 > 2.6]
  - From: Sven Geuer <debmaint@g-e-u-e-r.de>

Prev by Date: [Fwd: Re: Tomb package 2.5 > 2.6]
Next by Date: Objections to enable salsa-ci in our packages?
Previous by thread: [Fwd: Re: Tomb package 2.5 > 2.6]
Next by thread: Re: [Fwd: Re: Tomb package 2.5 > 2.6]
Index(es):
- Date
- Thread