Hi, It has almost been a week, with no answer from the release team. I'm very concerned that this will reduce the time this package will be tested before the release.
The question is: > can I prepare and upload 1.8.7p72? Thank you. On 02/09/08 at 18:50 +0200, Lucas Nussbaum wrote: > Hi, > > The two ruby versions (1.8 = stable branch, 1.9 = dev branch) are > affected by two issues: > - (ruby1.9 specific): the fact that ruby1.9 fails to build on hppa, so > all ruby1.9 packages (and their reverse dependencies) need to be > removed from hppa. (tracked as #478717 and #491930) > - a lot of security issues (apparently, people started auditing ruby's > code only recently, and are finding a lot of problems). This is > tracked as #494401 and #496808 for ruby1.8, #494402 for ruby1.9. > > This email addresses the security issues, and only for ruby1.8. ruby1.9 > is a different story, and I haven't had time to look at it yet (I'm > supposed to be in VAC). I CCed debian-ruby@: if someone have time to > look at ruby1.9, help would be very much appreciated. > > Currently, in unstable/testing, we have ruby1.8 1.8.7p22, with some > backported patches (not fixing the security issues mentioned above). > > Continuing to backport patches to that versions seems errorprone and > time-consuming, so instead, I'd like to ask for permission to package > and upload 1.8.7p72 ASAP, let it migrate to lenny, and get as much > testing as possible until the release. > - ruby1.8 is the stable branch of ruby. The diff between 1.8.7p22 and > p72 mostly contains bug fixes. (see upstream diff in attachment) > - 1.8.7p72 has been released on 08/08, and the ruby community is known > for upgrading to the latest upstream ASAP, so it surely was well > tested. I haven't heard of any regressions caused by it (p22 broke > rails). > - That's about all I'll have time to (properly) do anyway, and Daigo > Moriwaki is also in VAC. > > So, question: can I prepare and upload 1.8.7p72? -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
