Hi Andreas, On 20.11.20 19:27, Andreas Tille wrote: >> The amd64 binaries uploaded to buster-backports by Andreas Tille (cc'd) >> seem to have been built in a stretch environment? Other architectures' >> builds from the buildds seem to be as expected. > > Argh! > >> https://packages.debian.org/buster-backports/python3-lxml says: >> >> dep: python3 (<< 3.6) [amd64] >> dep: python3 (<< 3.8) [not amd64] >> dep: python3 (>= 3.5~) [amd64] >> dep: python3 (>= 3.7~) [not amd64] >> >> If backports packages can be binNMU'd, please could someone with >> appropriate access rebuild this? I think the right runes are: >> >> nmu python3-lxml_4.6.1-1~bpo10+1 . amd64 . buster-backports . -m 'Rebuild in >> buster environment' >> >> Or if binNMUs are not possible in buster-backports, someone who uses >> and can test this backported package could do a source-only upload. > > If it helps I can do a source-only upload for sure.
could you take another look at this? There was just a DSA for lxml (DSA-4810-1) and for those that have backports pinned, the above issue blocks the security update to python3-lxml (because the uninstallable backported version has a greater version). There's a new version in testing, 4.6.2, so backporting that one might even be the simplest fix to the process. Best, Christian
