rvice give-back site, but it will not
operate on the security suites. Could someone reschedule python2.7
2.7.9-2+deb8u5 in jessie-security for another build attempt?
Done.
Kind regards and thanks
Philipp Kern
's allowlisted on the wanna-build master.
However only the main archive has non-free autobuilding thus far,
security does not. (See
wuiet:/srv/wanna-build/triggers/trigger.{debian,security})
Kind regards
Philipp Kern
[1]
https://salsa.debian.org/hmh/intel-microcode/-/commit/3db8dcad239888ef010d2574eaa31a6d62ab9bd8
maintainers uploaded
binaries manually with their security uploads for that reason. It does
look like we should revisit that.
Kind regards
Philipp Kern
wanna-build state is available to buildd.d.o/status, I'd imagine that
the links to the logs would just show up if we were to inject them.
Kind regards
Philipp Kern
t Mozilla enforced in NSS we
couldn't check in any other tools using ca-certificates. We also do not
sync the NSS version or backport the cert checks when such distrusts
happen. So we can only react in a similar way when the time for full
distrust has come (which is sort of the case now with the
on?
Is that actually planned? Because the whole point of that was that
adding LE directly isn't actually critical. (And people should use the
chain provided by ACME rather than relying on certificates shipped by
Debian.)
Kind regards
Philipp Kern
signature.asc
Description: OpenPGP digital signature
On 2017-07-21 15:51, Antoine Beaupré wrote:
On 2017-07-20 18:15:00, Philipp Kern wrote:
On 07/17/2017 09:41 PM, Antoine Beaupré wrote:
Let's not jump the gun here. We're not shipping NSS in
ca-certificates,
just a tiny part of it: one text file, more or less.
Yeah, and the consen
to the VM, we can do that via NFS.
There's a security question here somewhere about importing untrusted
data from other places, but we are already ultimately trusting
ftp-master so I'm not sure it actually makes a different.
Kind regards
Philipp Kern
