Package: release.debian.org Severity: normal Tags: stretch User: release.debian....@packages.debian.org Usertags: pu
Hi folks, We'd like to push an update into the last stretch point release for fwupd. The last version in stretch (0.7.4-2) is now considered so old that it's (a) not really functional any more, and (b) no longer supported by upstream. There are also security worries (CVE-2020-10759) with this version. We've discussed this with the security team (in CC) and they're keen to see this addressed, but maybe via the PU process before it hits LTS. To fix all this, we'd like to switch to a supported stable release branch as supported by upstream (0.8.x); Mario, the primary maintainer in Debian, is also part of the upstream development team and has been working to maintain that. Apparently Ubuntu and other distros have switched to this already. This *does* mean that the debdiff is *way* too large to fit in mail, sorry. :-( I've put a copy up at https://www.einval.com/~steve/debian/fwupd_0.8.3-1_amd64.debdiff.gz for reference. Sorry this is so big and so late... :-( -- System Information: Debian Release: 10.4 APT prefers stable-debug APT policy: (500, 'stable-debug'), (500, 'stable'), (500, 'oldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.118+ (SMP w/4 CPU cores) Kernel taint flags: TAINT_UNSIGNED_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
