Hi Paul,
On Sun, 24 Apr 2022, Paul Gevers wrote:
If I understand correctly, if this is only about rebuilds, just request an
binNMU with the usual process (reportbug recommended).
from my point of view binNMUs are not the right way here.
Due to possibly long dependency chains of golang packages, the order of
uploads would be important. Trying to keep this order with binNMU bugs
seems to be rather error-prone. Especially as the buildds on different
architectures work at different rates.
What I had in mind was to change the dependencies of all affected
packages to versioned dependencies with (>= the new version). So the
uploads are not only rebuilds but really new verions of a package.
Your link [1] points
at the issues we have with security support *via the security archive*.
Yes, but those updates would have the same problem, right? And both have
in common that currently there is no tooling available ...
Thorsten
