Hi On Sat, 31 May 2025 at 09:51, Matthias Klose <[email protected]> wrote: > The auto tracker should be updated, or a new tracker be created: > > title = "libxml2"; > is_affected = .build-depends ~ /libxml2-dev/ | .depends ~ /(^| > )(libxml2-16|libxml2)([ ,]|$)/; > is_good = .depends ~ /\b(libxml2-16)\b/; > is_bad = .depends ~ /(^| )(libxml2)([ ,]|$)/;
I've set up this tracker, as requested [1]. I don't believe we need to rebuild packages that do not depend on either the old or the new libxml2 library (there are also some arch:all packages in there), so I set up another version of this tracker [2] without the .build-depends regex. On Sat, 31 May 2025 at 10:33, Rene Engelhard <[email protected]> wrote: > This one doesn't include xmlsec1 either? I checked, and all of the packages listed in the auto-xmlsec1 tracker [3], also appear in both of the libxml2 trackers, so either of them should be sufficient. Dependency level 1 xmlsec1 Dependency level 2 lasso libaqbanking libreoffice nordugrid-arc oath-toolkit open-vm-tools openscap python-xmlsec > Hmm? libreoffice and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106645 > is definitely a key package. This one seems to be fixed in libxml2 itself already. > And many of the xmlsec1 r-deps are not ready, as ratt rebuilds show > (libreoffice is)... Are there any that don't already have bugs [4] filed? Regards Graham [1] https://release.debian.org/transitions/html/libxml2.html [2] https://release.debian.org/transitions/html/libxml2-v2.html [3] https://release.debian.org/transitions/html/auto-xmlsec1.html [4] https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=libxml2.14;[email protected]
