tomcat6 wheezy DSA (was/and Re: tomcat6_6.0.41-2+squeeze5_amd64.changes REJECTED
tony mancill
tmancill at debian.org
Sun Nov 23 18:30:15 UTC 2014
On 11/23/2014 04:16 AM, Mark Hymers wrote:
> On Sun, 23, Nov, 2014 at 10:29:59AM +0100, Holger Levsen spoke thus..
>> Hi,
>>
>> On Sonntag, 23. November 2014, Debian FTP Masters wrote:
>>> Version check failed:
>>> Your upload included the source package tomcat6, version 6.0.41-2+squeeze5,
>>> however stable already has version 6.0.35-6+deb7u1.
>>> Uploads to squeeze-lts must have a lower version than present in stable.
>>
>> so this is due to the changes to dak implemented by Mark Hymers during the
>> MiniDebConf in Cambridge early November. (Mark can you please explain what
>> other changes (relevant to LTS) you did?!
>
> So, basically, for those following along, Holger asked me to make sure
> that squeeze LTS couldn't end up ahead of stable (wheezy). I therefore
> added the following version constraints:
>
> mhy at franck:~$ dak admin v-c list-suite squeeze-lts
> squeeze-lts MustBeNewerThan oldstable
> squeeze-lts Enhances oldstable
> squeeze-lts MustBeOlderThan stable
> squeeze-lts MustBeOlderThan proposed-updates
>
> This probably means that in some cases (especially those involving new
> upstream versions), stable security updates will need to hit p-u before
> the LTS uploads happen. If this is a problem, we should just revoke
> those parts of the version constraints and leave only the oldstable
> ones.
Hi Holger,
Thank you for coordinating this effort. I'm not aware of any reason why
the squeeze-lts packaging/version of tomcat6 wouldn't also be
appropriate for wheezy.
An updated tomcat-native package should also be part of the update;
building 1.1.31-1 from testing/unstable on wheezy fine. (I just built
both of these, the squeeze-lts tomcat6 + tomcat-native 1.1.31-1 on a
wheezy chroot and ran them without any issue.)
The Java Team is cc:d on this thread. Emmanuel has been in much closer
contact with tomcat6 since this effort started, so he may have some input.
Synopsis: Updating tomcat6 for squeeze-lts put us in the awkward
position of having a newer tomcat in old-stable than in stable; Holger
is helping to get this resolved. I am recommending that tomcat-native
1.1.31 accompany any updates to tomcat6 6.0.41.
Cheers,
tony
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20141123/e3419759/attachment.sig>
More information about the pkg-java-maintainers
mailing list