Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock X-Debbugs-Cc: ex...@packages.debian.org
Hello,
Please consider exim4/4.94-19 for bullseye. Due to the newly introduced
tainting mechanism exim upgrades from buster to bullseye currently
require a lockstep upgrade of configuration file and exim binary. The new
binary will not run with the old configuration and vice versa. -19
brings a patch that adds an option ("allow_insecure_tainted_data") to let
the new daemon work with the old configuration at the price of spamming the
logfile.
-19 adds the option but has it disabled by default. I thought it fit
better to _require_ handholding /now/ at dist-upgrade time. I am open to
strong opinions to switch it on by default.
I would appreciate a timely feedback on this review request. There is a
security release scheduled for May 4th
https://lists.exim.org/lurker/message/20210421.123632.08bb711a.en.html
and I would like to be able prepare an upload and have it propagate to
testing ASAP (on the same day!) and not have to discuss
"allow_insecure_tainted_data", then. If you do not think that it is
possible/wise to accept allow_insecure_tainted_data that quickly I will
base the upload for the security release on -17 and will temporarily revert
17-->19.
unblock exim4/4.94-19
TIA, cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
signature.asc
Description: PGP signature
