Hello Tobias,
According to
<https://tracker.debian.org/media/packages/f/firmware-nonfree/changelog-20190114really20220913-0deb10u1>
you uploaded the package to "buster-security", but only the source
package made it into the archive; the binary packages are still missing
in
<http://ftp.de.debian.org/debian-security/pool/updates/non-free/f/firmware-nonfree/>.
In the past that already happened multiple times for other packages like
"amd64-microcode" as some(?) packages from "non-free" are not build by
Debians auto-builders and must be allow-listed.
Can you please have a look?
Philipp Hahn
--- Begin Message ---
Hello,
The microcode packages have been whitelisted for at least a decade, however
non-free auto-building is spotty. Intel-microcode faces the same issue. I
don't really recall if contrib is any better.
This has bitten me so many times, I never do uploads of non-free
intel-microcode or amd64-microcode missing binaries to debian-security, or when
racing the deadline for a s-p-u. They're all source+i386+amd64.
For unstable, source-only works and has worked well for a while. It likely
works for stable as well as it should have inherited that from unstable... But
old(*)stable, security and backports? I would not hold my breath: I'd have to
"test the waters" first to know.
On Tue, Aug 31, 2021, at 16:22, Holger Levsen wrote:
> On Tue, Aug 31, 2021 at 01:13:28PM +0200, Philipp Hahn wrote:
> > What needs to be done to get "amd64-micocode" in version
> > "3.20181128.1~deb9u1" into "stretch-security"?
> > Build it manually and upload it somewhere?
>
> yes. (and utkarsh is on it.)
>
> > Can we so something to prevent this from happening again:
>
> it seems security/non-free is currently not autobuilt at all, so
> I suppose this needs to be addressed and than amd64-microcode needs to
> be whitelisted to be autobuilt there (as any other non-free package).
--
Henrique de Moraes Holschuh <h...@debian.org>
--- End Message ---
