Bug#1006140: New version can't load old databases
Markus Koschany
apo at debian.org
Thu Feb 24 12:25:03 GMT 2022
Hi Jochen,
Am Donnerstag, dem 24.02.2022 um 11:26 +0100 schrieb Jochen Sprickerhof:
>
>
> - Keep the current (old) version of h2 in Debian till jameica is
> updated, given that jameica is the only user.
>
> - Upload the old version of h2 as jameica-h2database and move the jar to
> /usr/share/jameica. That would basically mark the package as jameica
> only and would free up the h2database package to move to a newer
> version.
>
> What do you think?
I would rather tend to option two in order to move forward and to provide the
latest version of h2 which is supported by upstream and easier to maintain in
the future. You could also try to import the h2 1.4.x source code into jameica
or hibiscus for the time being and then use it to build both packages. That
would allow us to simply upgrade the existing h2 source package and you could
do whatever you want with the old h2 version. We just have to keep track of
potential security vulnerabilities but the attack surface should be much
smaller. I leave the decision to you because your packages are the only real
consumers of h2 in Debian.
Cheers,
Markus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: This is a digitally signed message part
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-maintainers/attachments/20220224/bc2a4876/attachment.sig>
More information about the pkg-java-maintainers
mailing list