[php-maint] php5 packages for lenny, redux

sean finney seanius at debian.org
Sun Jan 25 16:57:57 UTC 2009


hi everyone,

excuse the cross-posting, i just want to make sure everyone's on the
same page for what should be next for php5 -> lenny

quick recap:

when we last left off[1] Raphael was seeking pre-approval of a
lenny-targeted upload of php5.  because of library dependency changes,
this needed to go through t-p-u.  Marc had some objection/concern due
to the size of the interdiff, which does admittedly contain a number of
newly imported patches from gentoo.  Raphael pointed out that most/all
of these patches were crashfixes (and some of them are also lower-prio
security fixes) and that a lot of the size was due to whitespace changes
and diff-within-diff quilt patches.

Marc asked for a diff -w style output of the diff,  but shortly after this
a new batch of vulnerabilities/issues came to light and we started on
incorporating them before pushing any more on this issue.


so, here we are about a month later and now we're looking at lenny again,
only now the diff is a little bigger :)

someone suggested to look at using testing-security as a path to lenny for
this change since many (but not all) of the fixes are security related
it feels a little sketchy to me to be honest, so i was hoping for a direct
ACK/NACK on that from the security/release folks.  particularly, if it does
go through testing-security, i'd want to know that when lenny becomes stable
that the packages are somehow transitioned as well.

i've attached the raw interdiff for the new lenny2 version.  the diff
size isn't as scary as it looks, as previously mentioned there's a lot of
noise from the diff-within-diff and whitespace changes.

for better review i've attached a second diff, which is the result
of unpacking both versions of package, applying all the quilt patches,
removing the ".pc" quilt directories, and and doing a diff between the two
patched trees (diff -x debian -Nrub lenny1 lenny2).  this should hopefully
make examining the changes from the quilt patches a little easier.


so please let us know whether this is suitable for either/neither the t-p-u
route or the testing-security route, and if neither, what needs to be done
to get something to lenny.



thanks!
	sean

[1] http://lists.debian.org/debian-release/2008/12/msg00107.html
-- 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lenny1-lenny2.interdiff.gz
Type: application/octet-stream
Size: 23497 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20090125/6cd616d4/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lenny1-to-lenny2.diff-Nruw.diff.gz
Type: application/octet-stream
Size: 11845 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20090125/6cd616d4/attachment-0003.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20090125/6cd616d4/attachment-0001.pgp>


More information about the pkg-php-maint mailing list