Hi, So I've been looking at Enigmail again, after a long journey helping people in stable getting that stuff fixed. It's pretty obvious there's no way to upload that without first doing a GnuPG 2.1 backport into jessie.
That, it turns out, requires *four* more source package backports. Fortunately for us, *all* of those are already in jessie-backports. They would, unfortunately, probably need to be uploaded straight into jessie-security, however, if only for consistency's sake. That would mean, however, a more or less forced update on the following libraries in jessie: * libassuan (part of GPG, 2.1 -> 2.4) * libgcrypt20 (part of GnuTLS, 1.6 -> 1.7) * libgpg-error (GPG, 1.17 -> 1.26) * npth (GPG, 1.0 -> 1.3) How should we handle this? I haven't looked at each backport in detail to see if ABI changes are significant, but the version numbers seem to indicate they are not (for what that's worth of course). That said, with minor changes (to keep "gpg" pointing at the legacy 1.4 version, most notably), I've got a GPG 2.1 backport ready for jessie, at the usual location: https://people.debian.org/~anarcat/debian/jessie-lts/ I would very much welcome testing of this. There are still some clunky things in there, for example critical lintian warnings I need to fix. I haven't even tried to installed the thing yet, but I figured I would share my work early and get feedback before going on a wild goose chase after the dependencies. Any feedback appreciated. Thanks, A. -- For once you have tasted flight, You will walk the earth with your eyes turned skyward; For there you have been, And there you long to return. - Leonardo da Vinci
