Hi
On Mon, Jul 27, 2020 at 02:30:30PM +0200, Javier Serrano Polo wrote:
> Package: security.debian.org
> Severity: wishlist
>
> For those who care about Debian derivatives:
>
> A derivative may be deployed as an overlay rather than a full archive.
> Modifications from the derivative live together with originals from
> Debian, but modifications must have a higher version.
>
> Full archives use this approach to increase the version:
> 1-1 → 1-1foo1
>
> This does not work with overlays because of binNMUs:
> 1-1+b1 > 1-1foo1
> 1-1+b1 > 1-1foo1+b1
>
> A binNMU may be unnecessary in the derivative. Also, these versions are
> disruptive:
> 1-1+b1foo1
> 1-1+b1foo1+b1
>
> Thus, overlays should use this approach:
> 1-1 → 1-1.0foo1
>
> However, security updates may use the same signalization ("+") as
> binNMUs, so:
> 1-1+deb1u1 < 1-1.0foo1
>
> Therefore, please use a higher version for security updates, such as:
> 1-1 → 1-1.0+deb1u1
I guess if you would like to have this changed, you need to approach
the Debian project at a higher level, maybe on debian-devel (the above is
unspecific to Debian security updates, but rather current practice to
demote updates within a release once released).
They are also documented in developers-reference, cf. for instance
<https://www.debian.org/doc/manuals/developers-reference/pkgs.en.html#special-case-uploads-to-the-stable-and-oldstable-distributions>.
Closing thus this bug report (specific to the security.debian.org
pseudopackage).
Regards,
Salvatore
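
The version orderings discussed in this thread can be checked with a small re-implementation of the Debian version sorting rule. This is an added example, not part of the original messages and not dpkg's own code; the names `compare`, `PAIRS` and `report` are hypothetical, and versions are assumed to be ASCII.

```python
import re
from itertools import zip_longest

def _weight(c):
    """Sort weight of one character inside a non-digit run."""
    if not c:
        return 0              # end of run
    if c == "~":
        return -1             # sorts before everything, even end of run
    if c.isalpha():
        return ord(c)         # letters sort before other characters
    return ord(c) + 256       # '+' (43) and '.' (46) land here, '+' first

def _cmp_part(a, b):
    """Compare two upstream-version or revision strings: -1, 0 or 1."""
    runs = lambda s: re.findall(r"([^0-9]*)([0-9]*)", s)
    for (sa, da), (sb, db) in zip_longest(runs(a), runs(b), fillvalue=("", "")):
        for ca, cb in zip_longest(sa, sb, fillvalue=""):
            if _weight(ca) != _weight(cb):
                return -1 if _weight(ca) < _weight(cb) else 1
        na, nb = int(da or 0), int(db or 0)   # leading zeros ignored
        if na != nb:
            return -1 if na < nb else 1
    return 0

def _split(v):
    """Split [epoch:]upstream[-revision]; revision follows the last '-'."""
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, revision = rest.rsplit("-", 1) if "-" in rest else (rest, "")
    return int(epoch), upstream, revision

def compare(a, b):
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

# Version pairs from the thread; the last pair is an extra check of the
# proposed security-update version against the overlay version.
PAIRS = [("1-1+b1", "1-1foo1"), ("1-1+b1", "1-1foo1+b1"),
         ("1-1+deb1u1", "1-1.0foo1"), ("1-1+b1", "1-1.0foo1"),
         ("1-1.0+deb1u1", "1-1.0foo1")]

def report():
    sign = {-1: "<", 0: "=", 1: ">"}
    return [f"{a} {sign[compare(a, b)]} {b}" for a, b in PAIRS]

if __name__ == "__main__":
    print("\n".join(report()))
```

On a Debian system the same pairs can be cross-checked with `dpkg --compare-versions`.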