As an interim measure, perhaps a version of the package with this fix
could be put in experimental, or in some other publicly accessible
repository? The idea being that users could use that version to get a
package that works for them, and at the same time shake things down a
bit without committing to the entire apparatus of Debian security
support for it. Certainly it would be more satisfactory to say "apt
install openconnect/experimental, let me know if that works for you"
or "put the below in /etc/apt/sources.d/openconnect-that-works.sources
and upgrade openconnect, you should get the version that fixes this",
rather than "download the upstream sources from github and compile
them yourself." E.g., if we find a security issue, the former approach
certainly makes it easier to push an upgrade.
