Dear all,
> The new version does not have any further regressions, as per
> https://qa.debian.org/excuses.php?package=redis. So I think that
> would be welcome to resolve all the CVEs still affecting bookworm.
>
> Chris, what is your take on it?
Sorry for the delay in replying; some other things ate all my
bandwidth for considered thought in the last week or so.
To cut a long story short: yes, I agree that the ideal solution is to
unblock 5:7.0.10-1 (ie. the version currently in unstable) for
bookworm and release bookworm with that.
My gut feeling is that the 7.0.x branch will receive upstream-blessed
patches for security fixes for a little while. This would hopefully
make future DSAs relatively straightforward. (I doubt it will receive
specific updates for the entirety of the bookworm release, alas, but
that's out of our control). Either way, it makes sense to release with
the latest version of the 7.0.x branch.
Salvatore, do you wish to request an unblock here (ie. of 5:7.0.10-1
in sid to override 5:7.0.7-1 in bookworm) or shall I? (Would it have
more weight if you did it?)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org 🍥 chris-lamb.co.uk
`-
