On 2/10/22 11:26, Moritz Mühlenhoff wrote: > Am Thu, Feb 03, 2022 at 03:59:00PM +0100 schrieb Thorsten Glaser: >> Hi Holger, >> >>> and filed against src:debian-security-support, as openjdk-17 seems to be >>> supported and src:debian-security-support's purpose is to documented what's >> >> no, 11 is supported, 17 is just for users to run third-party >> stuff on (IIUC). > > In Bullseye 11 is the default Java and fully covered by security support. > > 17 can be installed (and it can also take over the typical alternatives), > but nothing pulls it in via dependencies. But if anyone needs to run an > application requiring 17, this is the JRE of choice (those are rare at > this point, but it will change over the life time of Bullseye). > > And yes there have been security updates for 17 already, but it's a best > effort > thing. If someone commits to rebuild the openjdk-17 uploads to unstable > for bullseye-security (along with proper testing), we can also omit a note > for src:debian-security-support.
"along with proper testing" means, that we can turn on again the tests during the build, which requires a heap of new upstream versions for jtreg, jtharness, testng, groovy, and probably much more. Matthias
