It seems that Adam D. Barratt unblocked libarchive to fix the security
bug. Unfortunately that wasn't enough to get the package into testing.
Specifically it seems that s390x has not successfully built this package
for some time (since before s390x stopped being considered a "broken and
fucked" architecture). As a result the s390x package is out of date in
both testing and unstable. Britney will not migrate the package if there
are out of date binaries in unstable (even if there are also out of date
binaries for the same package in testing). The cause of the build
failures seems to be a testsuite failure. Afaict there are several
options in this scenario.
1: someone gets to the bottom of the issue and submits a patch which is
uploaded
2: a version of the package is uploaded where the so that the s390x
version is either built without running the testsuite or where the
testsuite is run but it's failure is considered non-fatal
3: the s390x binaries are removed.
4: the package is forced into testing.
Option 1 is clearly the ideal outcome but relies on someone who has the
time and inclination (and no that won't be me) to get down and debug why
the testsuite isn't passing on s390x and hope that the resulting fix is
small enough for the release team to accept it. Given what this package
does I don't like option 2. Option 3 seems to be blocked by reverse
dependencies (especially cmake). Option 4 doesn't make the current
situation any worse but afaict outdated packages in testing are not
considered acceptable for release.
Thoughts? should I go file a rc bug about this issue?
P.S. I'm just poking through the rc bug list looking at why bugs are
still open in testing. I have no relationship to this package, i'm not
part of the relase team and i'm not a 390x porter.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
