On Sun, May 15, 2005 at 12:15:20PM -0700, Steve Langasek wrote: > On Sun, May 15, 2005 at 12:38:20PM -0600, dann frazier wrote: > > On Sat, 2005-05-14 at 11:33 +0900, Horms wrote: > > > I am not planing to include the CAN-2005-0449 fix in the security or r1 > > > update as I undersdand that ABI changes are highly problematic. I am > > > willing to be convinced otherwise. > > > Oh, do ABI changes in packages on security.debian.org break d-i as well? > > I figured it would continue pulling udebs from r0, giving us until r1 to > > spin d-i. Is there a problem I'm not seeing? > > I don't know of any reason why they would break d-i; and I also don't think > that putting off all ABI-breaking security fixes until etch is a very good > answer anyway.
Joey Hess is the expert here. But I think one problem is that many of the d-i kernel packages do not have a kernel-tree-x.y.z-n dependancy. And thus updating kernel-source means those d-i packages can no longer be reproduced. This could get quite messy if their is an ABI change... I think... Joey? In any case, I have no problem with including ABI updates in security updates (CAN-2005-0449 is clerly a security bug) or testing-proposed-updates. But I'd like us to aggee that can be done cleanly - once its in pulling it out is a complete nightmare. -- Horms
signature.asc
Description: Digital signature
