❦ 14 avril 2017 15:07 -0400, anarcat <anar...@debian.org> : > I looked into this during the Montreal BSP, and it's unclear what we > should do here, considering there has been multiple new uploads since > the stretch freeze. > > The patch is pretty long: > > https://github.com/golang/crypto/commit/e4e2799dd7aab89f583e1d898300d96367750991 > > ... and there's no way to just backport it into stretch at this point > (IIRC).
The patch is not that big. Most of its content is in tests and
examples. The only problem is that it exposes a behavioral change that
may break reverse dependencies at runtime.
> So I'm wondering if the next step here would not just be to ask for an
> exception to unblock this for stretch, or just tell the release team to
> just ignore this and drop the package from stretch.
There are many reverse dependencies that would be removed by removing
this package, including some high profile ones, like etcd, rkt,
influxdb. Their removal will in turn remove a lot of additional
packages.
--
A is for Apple.
-- Hester Pryne
signature.asc
Description: PGP signature
