Hi, Just a few additions below.
Adam D. Barratt <a...@adam-barratt.org.uk> (2017-07-04): > Control: tags -1 + moreinfo > > On Wed, 2017-07-05 at 00:40 +0200, Thomas Goirand wrote: > > Steve found out that the OpenStack images do not include the security > > update repositories by default in Stretch (though it's ok for Wheezy > > and Jessie). This was fixed in version 1.20 of openstack-debian-images > > which I uploaded to sid. It's this commit: > > > > https://anonscm.debian.org/cgit/openstack/openstack-debian-images.git/commit/?id=2a78166a6c4ee5ee2b25dc5ed37323f761337bbd > > > > It's not as bad as it sounds though, because as soon as you boot the > > image, cloud-init manages the sources.list and add the security > > repositories, then performs an update. Though I still believe this > > deserves a fix ASAP anyway. I'm a little surprised how something that “isn't as bad as it sounds” needs to get a fix “ASAP” anyway. > > Would it be ok to just get version 1.20 into the next point release? > > Or should I prepare the exact same change in a 1.19+deb9u1 version > > (which IMO would be missleading)? What would be misleading exactly? An update in stable following the versioning scheme that's been in place for several releases? > We can't "just get" a package from unstable into a point release. It > needs reuploading via proposed-updates, whether as 1.19+deb9u1 or > 1.20~deb9u1. I fail to see why this package should be different from > every other in that respect. Ditto. > As usual, please provide a debdiff of the proposed source package, > built and tested on stable, so that it can be confirmed. Yeah, following the usual procedure, that has existed for years, *will* save everyone time. Please do that. KiBi.
signature.asc
Description: Digital signature
