Paride Legovini wrote in <b477c054-fa6a-dd93-2fe3-892d46e09a74@ninthfloo\ r.org>: |Steffen Nurpmeso wrote on 27/06/2019: |> Paride Legovini wrote in <a8755ae8-a3b9-fba5-c24a-fbebec0f6c35@ninthfloo\ |> r.org>: |>|Steffen Nurpmeso wrote on 20/06/2019: |>|> the patch was reversed; here is the right one. |>| |>|Just to be sure, is your last "ivan.diff" patch all that's needed to fix |>|this bug? I would like to have it fixed in buster, but given that we're |>|so deep in the freeze I'll have to ship only a minimal fix for this |>|specific bug; an import of a new minor version changing other stuff |>|won't be accepted. This will mean patching 14.9.11. |> |> Oh-oh, 14.9.11 is a year old! :) I do not understand that |> security policy of Debian, for such a small program with a single |> developer. So many bugs fixed! I would even update to [master] |> or [stable/stable] and use the grappa mode! Sigh. :) | |Yeah I'm sorry for the skipped release, I promise I will backport the |latest one once buster is released, but for the moment v14.9.11 is the |version we have to work with. | |The policy for acceptable changes during the full freeze period is |pretty clear: | |https://release.debian.org/buster/freeze_policy.html | |and I don't think an update to e.g. 14.9.14 will fit.
That definetely not, i had to rewrite the entire child process and job control signal handling to something that i almost like. And the rest of the way we will make, too! I was thinking more of the [stable/stable] branch, which is v14.9.13 plus fixes, and which can be turned into a release with the grappa mode of mk/make-release.sh (as documented in README). The [stable/] branch series is exactly for this purpose. On the oss-security@ list there was a discussion on using exact the kind of stable branches that S-nail provides, and Simon McVittie of Debian said something[1,2]. Especially in the former he says If upstream projects have a stable branch that is genuinely stable and bugfix-only to minimize the risk of regressions, and encourage downstream distributions to align on the latest stable branch during their development phase, then I think that goes a long way towards this. [1] https://www.openwall.com/lists/oss-security/2019/06/21/3 [2] https://www.openwall.com/lists/oss-security/2019/06/21/8 So this little MUA already provides for some time what has been expressed as the desirable policy on OSS development. To speak that boldly, that is ^_^ (Hmmm, should i Cc: some parties.. Maybe only our own list, ok?) As another point the software world progresses. For example, the new GAWK 5 produces warnings with v14.9.11, it will not with [stable/stable] (or master). There is at least one packager known who fixed those warnings via a local patch in the package system. Though he (Jürgen) packages for a compile-yourself distribution, therefore [stable/stable]+mk/make-release.sh grappa is bad, since you need (git and) perl installed. Though: perl is in core! Hm. That is not a problem so big for Debian, however, i would guess most people use the binary packages, anyway. |>|The patch doesn't apply cleanly onobs-imap-gssapi.h from v14.9.11 (I did |>|fix the paths, of course), but making the same changes manually to |>|produce a new patch looks easy. Is it fine if I go this way, or should |>|v14.9.11 be patches differently? Of course if you happen to have a patch |>|that already applies on v14.9.11 please let me have it! |> |> I had to backport it myself; i have not compiled it, but should |> do. Please report any problems Paride, they are real and actual |> bugs! I will spin a VM this evening, i have a FreeBSD with |> GSSAPI, if i hit any compile error i will send you an update, ok? | |Thanks Steffen! I will try to apply the patch tomorrow. Still had no time, will compile-test on FreeBSD in an hour :). Yeah, time is a problem. But i did not answer your question: no, not that alone, but two; the one i sent to you however includes them both. Ciao Paride! Ciao!! --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)
