Hi! > On Mon, Sep 27, 2010 at 10:27:17PM +0200, Michael Tautschnig wrote: > > Please grant a freeze exception for clamav, version 0.96.3+dfsg-1. For > > reference, the changelog entries since the last version entering squeeze are > > listed below. I am aware that this request is not in line with the stricter > > freeze policy now in effect, but would nevertheless ask for an exception as > > this > > version includes a new upstream version with security fixes. In #577013 it > > was > > stated that even such large changes may be ok for future updates to stable, > > as > > far as clamav is concerned. > > I'm very unhappy that you read the statement of "we can get new upstream > versions" as "the freeze doesn't apply to us, does it?". >
I would like to apologize if my message was unclear in this respect - I surely did not mean to say this; I was aware of the fact that asking for a freeze exception for clamav could lead to such interpretations. That's why I spoke of *future* updates to stable - and *asked* for a freeze exception. Whether it is granted or not is your decision, as package maintainer we can only try our best to prepare suitable packages. > I do wonder why I see pyc files in the new version in debdiff. It's also too > large to review. > Would you please just tell me which versions you were comparing? Was that 0.96.3+dfsg-2 (latest upload) to 0.96.1+dfsg-1 (version in squeeze)? Obviously such files should not have ended up in the package, and I'd happily try to reproduce & fix the problems. And yes, the size of the diff could be very large, it's a jump of two upstream versions. > So it's the question if we go the "if it blows to pieces, you get to keep > them" > mode. But as the future uploads will be out of our control anyway, I guess > I just need to ask you if you are confident with your current package. > I'm not sure I really get your message (I'm not a native speaker and fear I'm misreading something). Would you please be so kind to elaborate on what you mean by "if it blows to pieces, you get to keep them"? And why would future uploads be out of your control? FWIW, yes, we are pretty confident with the current package, at least as far as the resulting binary packages and installations are concerned. Furthermore, the support by upstream is working amazingly well these days. That notwithstanding, both our source and binary packages will be buggy in some or the other respect. But should we become aware of bugs, we (meaning the clamav team, and not the stable release managers, should problems with the version in stable surface) will try to fix them as quickly as possible. I hope my messages helps for clarification, and I hope not to be offensive in any way. Best regards, Michael
pgpeLhXfQNq2t.pgp
Description: PGP signature
