Re: key packages RC bugs of the month September
Hi, Am 01.09.22 um 22:18 schrieb Paul Gevers: On 01-09-2022 21:10, Rene Engelhard wrote: This either should be ignored (like for bullseye) or downgrade, imho, but I didn't do it myself. I don't think there's anything actionable here... [...] If I read these correctly, this is exactly the kind of action that a maintainer can take to make the release process smoother. If *you* as a maintainer think the bug shouldn't be RC, by all means downgrade it (ideally with an explanation just in case it's disputed later on). I understand that... But well, strictly speaking it *is* a data loss... If someone had a terminal server and several users and has the file on a samba share this potentially could still happen... I just don't belive this is a reason to block LO on this. Especially as it already was bullseye-ignore'd, so can't we just bookworm-ignore it? Regards, Rene
Re: key packages RC bugs of the month September
Hi all, On 01-09-2022 21:10, Rene Engelhard wrote: This either should be ignored (like for bullseye) or downgrade, imho, but I didn't do it myself. I don't think there's anything actionable here... On 01-09-2022 16:52, Simon McVittie wrote: >> #919914gnome-settings-daemon >> gnome-tweaks now equates "don't suspend on lid close" with "don't lock on >> lid close" (security issue) >> https://bugs.debian.org/919914 > Honestly, I don't think this one is really RC. The > bug reporter asserts that it's a RC security issue, > but there are two contradictory user expectations (summary at > https://gitlab.gnome.org/GNOME/gnome-settings-daemon/-/merge_requests/84#note_502354) > and the current behaviour has been the same since Debian 10 if I'm > reading the bug history correctly. If I read these correctly, this is exactly the kind of action that a maintainer can take to make the release process smoother. If *you* as a maintainer think the bug shouldn't be RC, by all means downgrade it (ideally with an explanation just in case it's disputed later on). The Release Team doesn't *want* to go over all RC bugs and decide to ignore them, we don't have the intimate knowledge of your package to judge and it takes time to build up enough knowledge to make the judgement call. If it's disputed, we can judge it (and raise severity if needed) later on with our Release Team member hat on, but the first call is on the maintainer. Please. Paul OpenPGP_signature Description: OpenPGP digital signature
Re: key packages RC bugs of the month September
Hi Am 01.09.22 um 13:53 schrieb Paul Gevers: #935182 libreoffice-core Concurrent file open on the same host results file deletion https://bugs.debian.org/935182 This one has been open so long, is forwarded upstream. Has to do with samba *and* two persons on the same host doing it at the same time. This either should be ignored (like for bullseye) or downgrade, imho, but I didn't do it myself. I don't think there's anything actionable here... Regards, Rene
Re: key packages RC bugs of the month September
On Thu, 01 Sep 2022 at 13:53:41 +0200, Paul Gevers wrote: > #919914 gnome-settings-daemon > gnome-tweaks now equates "don't suspend on lid close" with "don't lock on > lid close" (security issue) > https://bugs.debian.org/919914 Honestly, I don't think this one is really RC. The bug reporter asserts that it's a RC security issue, but there are two contradictory user expectations (summary at https://gitlab.gnome.org/GNOME/gnome-settings-daemon/-/merge_requests/84#note_502354) and the current behaviour has been the same since Debian 10 if I'm reading the bug history correctly. smcv
Re: fontconfig RC bugs (was: Re: key packages RC bugs of the month September)
On Thu, Sep 01, 2022 at 04:08:20PM +0200, Johannes Schauer Marin Rodrigues wrote: > > #960679 src:fontconfig > > strict dependency of arch:any libfontconfig1 on arch:all > > fontconfig-config going wrong > > https://bugs.debian.org/960679 > > fontconfig also has a second RC bug: #909750 > > The last maintainer upload of fontconfig was more than two years ago. Since > then it has been NMU-ed by me and Julien Cristau. > > Since there is no maintainer action on #960679 I wanted to ask the d-devel > crowd if you see any problem with making fontconfig-config arch:any to fix it? > > There is a patch for #909750 which I can apply in my next fontconfig NMU as > well. I don't see any reason why you wouldn't do this change following the usual NMU procedure. Just go ahead? :) -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
fontconfig RC bugs (was: Re: key packages RC bugs of the month September)
Hi Paul, Quoting Paul Gevers (2022-09-01 13:53:41) > I am asking for help with investigating RC bug reports, judging > severity, reproducing the issue, clarifying the problem, i.e. bug > triaging of all RC bugs that haven't seen activity for a while and that > are still affecting bookworm. Of course ideally the bug gets fixed. To > give examples, I mention 5 bugs below, next month hope I'll mail 5 other > ones. > > The full list I use to check for RC bugs in key packages can be found at > [2]. looking at the full list, 5 bugs per mail don't seem like much. On the other hand, if you had listed more then 5 I might not've looked through the list at all and had not spotted fontconfig in it. > #960679 src:fontconfig > strict dependency of arch:any libfontconfig1 on arch:all > fontconfig-config going wrong > https://bugs.debian.org/960679 fontconfig also has a second RC bug: #909750 The last maintainer upload of fontconfig was more than two years ago. Since then it has been NMU-ed by me and Julien Cristau. Since there is no maintainer action on #960679 I wanted to ask the d-devel crowd if you see any problem with making fontconfig-config arch:any to fix it? There is a patch for #909750 which I can apply in my next fontconfig NMU as well. Thanks! cheers, josch signature.asc Description: signature
key packages RC bugs of the month September
Dear all, In the same theme as my earlier message [0], I like to ask you to please spend some time triaging (and ideally solving) old RC bugs. Some packages you may care about were removed from testing because the maintainer didn't triage or fix the bug. And then there's key packages... As a Release Team member, I'm concerned about RC bugs for key packages [1] that don't get fixed in a timely manner. It's rather trivial to remove non-key packages from testing (albeit that not being nice) while removing key packages is difficult or impossible without making bookworm useless. As the threat of autoremoval isn't there, there's quite a bunch of RC bugs in key packages affecting testing that linger without a resolution. As the freeze is drawing nearer I'd like to try an experiment: I'd like to present to you on a monthly basis the "key packages RC bugs of the month" in the hope to draw some attention to this class of bugs. Remember, fixing these bugs is a collective effort. I am asking for help with investigating RC bug reports, judging severity, reproducing the issue, clarifying the problem, i.e. bug triaging of all RC bugs that haven't seen activity for a while and that are still affecting bookworm. Of course ideally the bug gets fixed. To give examples, I mention 5 bugs below, next month hope I'll mail 5 other ones. The full list I use to check for RC bugs in key packages can be found at [2]. #919296 git-daemon-run fails with 'warning: git-daemon: unable to open supervise/ok: file does not exist' https://bugs.debian.org/919296 #919914 gnome-settings-daemon gnome-tweaks now equates "don't suspend on lid close" with "don't lock on lid close" (security issue) https://bugs.debian.org/919914 #960679 src:fontconfig strict dependency of arch:any libfontconfig1 on arch:all fontconfig-config going wrong https://bugs.debian.org/960679 #935182 libreoffice-core Concurrent file open on the same host results file deletion https://bugs.debian.org/935182 #944871 src:docbook-xsl readds catalogs to the super catalog on every upgrade https://bugs.debian.org/944871 Paul [0] https://lists.debian.org/debian-devel/2022/07/msg00133.html [1] https://release.debian.org/key-packages.html [2] https://udd.debian.org/dev/bugs.cgi?release=bookworm_and_sid=ign=only=7=7=1=1=1=1=1=last_modified=asc=html#results OpenPGP_signature Description: OpenPGP digital signature