On 04/11/15 04:02, James Cowgill wrote: > Package: release.debian.org > User: release.debian....@packages.debian.org > Usertags: transition > Severity: normal > Forwarded: https://release.debian.org/transitions/html/auto-polarssl.html > X-Debbugs-CC: polar...@packages.debian.org > > Hi, > > polarssl needs a library transition. The name of the upstream project > changed to 'mbedtls' so the SONAME has become 'libmbedtls9'. I've kept > the name of the dev package as 'libpolarssl-dev' for the 1.3 series so > every package doesn't need to be changed.
Shouldn't there be a new libmbedtls-dev package, with libpolarssl-dev becoming a transitional one? Shouldn't the source be renamed? > The new version of polarssl fixes a grave security bug (#801413). I > havn't got a response from the package maintainer at all in dealing > with this so I NMUed the version currently in experimental. Doing this transition as a NMU seems a bit odd to me. Though hijacking the package seems a bit premature since that bug was opened only a month ago. If you renamed the source, then maybe you could get away with it :p Cheers, Emilio
