Re: security updates of Golang packages

2022-04-24 Thread Shengjing Zhu
On Mon, Apr 25, 2022 at 6:30 AM Thorsten Alteholz wrote: > > > > On Mon, 25 Apr 2022, Shengjing Zhu wrote: > > For binNMU, it's also possible to add Dep-Wait. > > Hmm, but that would be some manual work, wouldn't it? > > > I don't have a preference for it. And I think binNMU is not friendly > >

Re: security updates of Golang packages

2022-04-24 Thread Thorsten Alteholz
On Mon, 25 Apr 2022, Shengjing Zhu wrote: For binNMU, it's also possible to add Dep-Wait. Hmm, but that would be some manual work, wouldn't it? I don't have a preference for it. And I think binNMU is not friendly to Debian derivatives. Ok, that is a good point. For ratt and other pac

RFS: golang-github-canonical-candid

2022-04-24 Thread Mathias Gibbens
I'm looking for a sponsor for my package golang-github-canonical-candid, which can be viewed on salsa at [1]. This is the final(!) new package that is a dependency for my LXD packaging work. For the moment, I am only creating the -dev package and am not packaging any of the actual candid binarie

Re: Updating golang-golang-x-sys in unstable

2022-04-24 Thread Mathias Gibbens
On Mon, 2022-04-25 at 00:10 +0530, Nilesh Patra wrote: > Hi, > > On Sun, Apr 24, 2022 at 06:27:24PM +, Mathias Gibbens wrote: > > then rebuilt each of the failed packages in a > > clean sbuild environment without the updated version of golang- > > golang- > > x-sys and found that 22 of those 2

Re: Updating golang-golang-x-sys in unstable

2022-04-24 Thread Nilesh Patra
Hi, On Sun, Apr 24, 2022 at 06:27:24PM +, Mathias Gibbens wrote: > then rebuilt each of the failed packages in a > clean sbuild environment without the updated version of golang-golang- > x-sys and found that 22 of those 25 still failed to build, due to > various issues unrelated to updating g

Updating golang-golang-x-sys in unstable

2022-04-24 Thread Mathias Gibbens
Hi all, For my LXD packaging work, I need to update the existing packages golang-github-mdlayher-vsock and golang-github-mdlayher-socket, but their current releases require a newer version of golang-golang-x-sys than is currently in unstable. Because golang-golang-x-sys is a "core" golang librar

Re: security updates of Golang packages

2022-04-24 Thread Shengjing Zhu
On Mon, Apr 25, 2022 at 1:30 AM Thorsten Alteholz wrote: > > Hi, > > On 24.04.22 15:21, Shengjing Zhu wrote: > >> Do you want to > >> > >> 1. Rebuild package to carry fixed CVE in dependencies > >> 2. Fix CVE in library and then go through 1 > > I first fix the CVE in the affected package and then

Re: security updates of Golang packages

2022-04-24 Thread Thorsten Alteholz
Hi, On 24.04.22 15:21, Shengjing Zhu wrote: Do you want to 1. Rebuild package to carry fixed CVE in dependencies 2. Fix CVE in library and then go through 1 I first fix the CVE in the affected package and then look at the list of packages that use it directly or via some kind of dependency c

Re: seeking RFS for golang-github-la5nta-wl2k-go v0.9.2-1

2022-04-24 Thread tony mancill
On Sat, Apr 23, 2022 at 07:16:56PM -0400, Federico Grau wrote: > Hello -- > > golang-github-la5nta-wl2k-go v0.9.2-1 has been packaged for Debian and pushed > to salsa.d.o . This looks like another set of minor upstream code changes. > > As there are cycles, review and feedback would be welcome.

Re: security updates of Golang packages

2022-04-24 Thread Shengjing Zhu
Hi, On Sun, Apr 24, 2022 at 8:12 PM Shengjing Zhu wrote: > > Hi, > > On Sun, Apr 24, 2022 at 7:30 PM Thorsten Alteholz wrote: > > > > Hi everybody, > > > > some time ago, before the release of Buster, the Release Team and the > > Security Team criticized the missing tooling for security updates o

Re: security updates of Golang packages

2022-04-24 Thread Shengjing Zhu
Hi, On Sun, Apr 24, 2022 at 7:30 PM Thorsten Alteholz wrote: > > Hi everybody, > > some time ago, before the release of Buster, the Release Team and the > Security Team criticized the missing tooling for security updates of Golang > packages[1]. > I would like to improve the situation here and try

Re: security updates of Golang packages

2022-04-24 Thread Cyril Brulebois
Hallo Thorsten, Thorsten Alteholz (2022-04-24): > some time ago, before the release of Buster, the Release Team and the > Security Team criticized the missing tooling for security updates of > Golang packages[1]. > > I would like to improve the situation here and try to develop some > scripts to

security updates of Golang packages

2022-04-24 Thread Thorsten Alteholz
Hi everybody, some time ago, before the release of Buster, the Release Team and the Security Team criticized the missing tooling for security updates of Golang packages[1]. I would like to improve the situation here and try to develop some scripts to automatically rebuild/upload affected packag