Hello Simon McVittie. On Mon, May 16, 2016 at 10:12:19AM +0100, Simon McVittie wrote: [...] > uploaded to DELAYED/5. Diff attached, or available here: > ssh://alioth.debian.org/srv/home/users/smcv/public_git/libarchive.git > > If you would like it accelerated or cancelled, please let me know; or
Please feel free to go ahead with NMU without delay (as already mentioned to Salvatore)! > if you decide to go ahead with 3.2.0 or a 3.1.2-12 maintainer upload > in unstable so that my NMU is superseded and rejected, that's also fine > of course. I'll focus on 3.2.0 myself which means I'll likely just ignore your NMU if you base it on 3.1.2 when I feel 3.2.0 is ready to go to unstable (unless you have strong opinions on having your NMU changelog entry merged). > > I'll open a separate bug for the test failure. Since you are the > libarchive maintainer, you get to decide whether you consider failures on > the non-release kFreeBSD architectures to be RC. Because the kFreeBSD > architectures aren't release architectures, I believe out-of-date > binaries on those architectures don't slow down testing migration, > so fixing the security vulnerability on Linux doesn't need to block on > fixing the tests on kFreeBSD. Thanks. I don't consider kfreebsd a "real" blocker as this bug should not be RC, but given that AFAIK libarchive has a pretty exploding reverse dependency chain many important parts of the archive could quickly become unbuildable I thought it would be nice to give the kfreebsd porters a chance to reply to https://lists.debian.org/debian-bsd/2016/05/msg00032.html before proceeding. Not that I have super high hopes of getting a reply and I'll certainly not wait forever... just giving them a chance (so in another week or a bit more maybe I'll just upload). Regards, Andreas Henriksson PS. Help maintaining libarchive welcome!
