hi, I've just uploaded this to buster for the coming point release:
$ debdiff debian-security-support_2020.06.21~deb10u1.dsc debian-security-support_10+2022.08.23.dsc|diffstat Makefile.PL | 1 + debian/changelog | 26 ++++++++++++++++++++++++++ security-support-ended.deb10 | 8 +++++++- security-support-limited | 12 ++---------- 4 files changed, 36 insertions(+), 11 deletions(-) $ debdiff debian-security-support_2020.06.21~deb10u1.dsc debian-security-support_10+2022.08.23.dsc diff -Nru debian-security-support-2020.06.21~deb10u1/debian/changelog debian-security-support-10+2022.08.23/debian/changelog --- debian-security-support-2020.06.21~deb10u1/debian/changelog 2020-07-10 19:29:25.000000000 +0200 +++ debian-security-support-10+2022.08.23/debian/changelog 2022-08-23 18:57:12.000000000 +0200 @@ -1,3 +1,29 @@ +debian-security-support (1:10+2022.08.23) buster; urgency=medium + + * Introduce release based versioning and add an epoch to achieve that. + See https://lists.debian.org/20200817100153.ga...@layer-acht.org and + follow-ups. Closes: #988321 + * Makefile.PL: strip epoch from internal version just like ~deb10u1 etc are + also dropped. + * Update security-support-ended.deb10 from 1:12+2022.08.12 from unstable, + thus adding these packages to it: + - chromium + - ckeditor3 + - gpac + - libspring-java + - slurm-llnl + - xen + * Update security-support-limited from 1:12+2022.08.12 from unstable, + thus adding: + - golang + - khtml + * Drop libv8-3.14, mosjz, mosjz24, swftools and webkitgtk from + security-support-limited as they were only present in stretch and earlier. + * Also drop glpi, ltp and wine-gecko-2.(21|24) from security-support-limited + as they were only present in jessie or earlier. + + -- Holger Levsen <hol...@debian.org> Tue, 23 Aug 2022 18:57:12 +0200 + debian-security-support (2020.06.21~deb10u1) buster; urgency=medium * Rebuild for buster. diff -Nru debian-security-support-2020.06.21~deb10u1/Makefile.PL debian-security-support-10+2022.08.23/Makefile.PL --- debian-security-support-2020.06.21~deb10u1/Makefile.PL 2018-03-16 15:39:59.000000000 +0100 +++ debian-security-support-10+2022.08.23/Makefile.PL 2022-08-19 16:25:59.000000000 +0200 @@ -12,6 +12,7 @@ my $VERSION=$changelog->{Version}; $VERSION =~ s/~deb(.*)//; +$VERSION =~ s/^[0-9]+://; WriteMakefile ( 'NAME' => 'debian-security-support', diff -Nru debian-security-support-2020.06.21~deb10u1/security-support-ended.deb10 debian-security-support-10+2022.08.23/security-support-ended.deb10 --- debian-security-support-2020.06.21~deb10u1/security-support-ended.deb10 2020-07-10 19:29:25.000000000 +0200 +++ debian-security-support-10+2022.08.23/security-support-ended.deb10 2022-08-23 18:57:08.000000000 +0200 @@ -11,4 +11,10 @@ # In the program's output, this is prefixed with "Details:" # none yet (please remove this line once this is not true anymore) -libperlspeak-perl 2.01-2 2020-04-16 https://bugs.debian.org/954238 (CVE-2020-10674) and https://bugs.debian.org/954297 and 954298 +libperlspeak-perl 2.01-2 2020-04-16 https://bugs.debian.org/954238 (CVE-2020-10674) and https://bugs.debian.org/954297 and 954298 +xen 4.11.4+107-gef32c7afa2-1 2021-08-28 https://xenbits.xen.org/docs/4.11-testing/SUPPORT.html#release-support +chromium 90.0.4430.212-1~deb10u1 2022-01-14 https://lists.debian.org/debian-security-announce/2022/msg00012.html +slurm-llnl 18.08.5.2-1+deb10u2 2022-08-01 https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/39 +gpac 0.5.2-426-gc5ad4e4+dfsg5-5 2022-08-03 https://lists.debian.org/debian-lts/2022/05/msg00043.html +libspring-java 4.3.5-1+deb9u1 2022-08-09 https://lists.debian.org/debian-lts/2022/08/msg00001.html +ckeditor3 3.6.6.1+dfsg-1 2022-08-09 https://lists.debian.org/debian-lts/2022/08/msg00001.html diff -Nru debian-security-support-2020.06.21~deb10u1/security-support-limited debian-security-support-10+2022.08.23/security-support-limited --- debian-security-support-2020.06.21~deb10u1/security-support-limited 2020-07-10 19:29:25.000000000 +0200 +++ debian-security-support-10+2022.08.23/security-support-limited 2022-08-23 18:57:08.000000000 +0200 @@ -10,13 +10,9 @@ binutils Only suitable for trusted content; see https://lists.debian.org/msgid-search/87lfqsomtg....@mid.deneb.enyo.de ganglia See README.Debian.security, only supported behind an authenticated HTTP zone, #702775 ganglia-web See README.Debian.security, only supported behind an authenticated HTTP zone, #702776 -glpi Only supported behind an authenticated HTTP zone for trusted users -golang* See https://www.debian.org/releases/buster/amd64/release-notes/ch-information.en.html#golang-static-linking +golang* See https://www.debian.org/releases/buster/amd64/release-notes/ch-information.en.html#golang-static-linking kde4libs khtml has no security support upstream, only for use on trusted content -libv8-3.14 Not covered by security support, only suitable for trusted content -ltp Pure Testsuite, only supported on non-production non-multiuser systems -mozjs Not covered by security support, only suitable for trusted content -mozjs24 Not covered by security support, only suitable for trusted content +khtml khtml has no security support upstream, only for use on trusted content, see #1004293 mozjs52 Not covered by security support, only suitable for trusted content mozjs60 Not covered by security support, only suitable for trusted content ocsinventory-server Only supported behind an authenticated HTTP zone @@ -24,8 +20,4 @@ qtwebkit No security support upstream and backports not feasible, only for use on trusted content qtwebkit-opensource-src No security support upstream and backports not feasible, only for use on trusted content sql-ledger Only supported behind an authenticated HTTP zone -swftools Not covered by security support, only suitable for trusted content -webkitgtk No security support upstream and backports not feasible, only for use on trusted content -wine-gecko-2.21 Not covered by security support, see https://bugs.debian.org/804058 -wine-gecko-2.24 Not covered by security support, see https://bugs.debian.org/804058 zoneminder See README.Debian.security, only supported behind an authenticated HTTP zone, #922724 Thanks for all your SRM work! -- cheers, Holger ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org ⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C ⠈⠳⣄ Just 100 companies are responsible for 71% of global emissions. https://www.theguardian.com/sustainable-business/2017/jul/10/100-fossil-fuel-companies-investors-responsible-71-global-emissions-cdp-study-climate-change
signature.asc
Description: PGP signature
