Re: Updating ca-certificates through stable-updates
> Could I perhaps convince you to file this (kind of) request as a pu bug? > They are much easier for us to track than mails to the mailing list. > I appreciate that you might have been sending this mail to avoid the > pu-bug. Unfortunately, we often end up forgetting the mail on our TODO > list if it is not listed in the bug tracker. There's that and it helps to look at the debdiff to see what the actual changes are. Cert updates are likely to be much easier on us than packaging/script updates. Kind regards Philipp Kern signature.asc Description: Digital signature
Re: Updating ca-certificates through stable-updates
On 12/05/2015 04:25 PM, Philipp Kern wrote: >> Could I perhaps convince you to file this (kind of) request as a pu bug? >> They are much easier for us to track than mails to the mailing list. >> I appreciate that you might have been sending this mail to avoid the >> pu-bug. Unfortunately, we often end up forgetting the mail on our TODO >> list if it is not listed in the bug tracker. > > There's that and it helps to look at the debdiff to see what the actual > changes are. Cert updates are likely to be much easier on us than > packaging/script updates. I'll go ahead and get the packages built and open up a pu bug with the debdiffs. Thanks! -- Kind regards, Michael signature.asc Description: OpenPGP digital signature
Re: Updating ca-certificates through stable-updates
On 11/25/2015 03:18 PM, Andrew Ayer wrote: > Hi Stable Release Managers, > > We're currently discussing in #806239 how to keep the > ca-certificates package more up-to-date in (old)stable. Since > ca-certificates is a data package that needs timely updating (when CAs > are removed due to lapsed audits, they should be distrusted > immediately), it satisfies the criteria for stable-updates posted here: > > https://www.debian.org/News/2011/20110215 > > I just wanted to confirm that the SRMs would be OK pushing out new > ca-certificates packages through stable-updates. Hi release team, I just requested an upload of ca-certificates (20151204) to unstable, and I would like to follow that up with stable-pu and oldstable-pu updates to include the current Mozilla CA bundle changes for jessie and wheezy. I appears that I did a wheezy-pu update last year on #743156, but wanted to clarify if these upcoming uploads will be acceptable. -- Thank you! Michael
Re: Updating ca-certificates through stable-updates
Michael Shuler: > On 11/25/2015 03:18 PM, Andrew Ayer wrote: >> Hi Stable Release Managers, >> >> We're currently discussing in #806239 how to keep the >> ca-certificates package more up-to-date in (old)stable. Since >> ca-certificates is a data package that needs timely updating (when CAs >> are removed due to lapsed audits, they should be distrusted >> immediately), it satisfies the criteria for stable-updates posted here: >> >> https://www.debian.org/News/2011/20110215 >> >> I just wanted to confirm that the SRMs would be OK pushing out new >> ca-certificates packages through stable-updates. > > Hi release team, > > I just requested an upload of ca-certificates (20151204) to unstable, > and I would like to follow that up with stable-pu and oldstable-pu > updates to include the current Mozilla CA bundle changes for jessie and > wheezy. > > I appears that I did a wheezy-pu update last year on #743156, but wanted > to clarify if these upcoming uploads will be acceptable. > Hi, Thanks for the interest in patching ca-certificates in the stable releases. Could I perhaps convince you to file this (kind of) request as a pu bug? They are much easier for us to track than mails to the mailing list. I appreciate that you might have been sending this mail to avoid the pu-bug. Unfortunately, we often end up forgetting the mail on our TODO list if it is not listed in the bug tracker. Thanks, ~Niels signature.asc Description: OpenPGP digital signature
Updating ca-certificates through stable-updates
Hi Stable Release Managers, We're currently discussing in #806239 how to keep the ca-certificates package more up-to-date in (old)stable. Since ca-certificates is a data package that needs timely updating (when CAs are removed due to lapsed audits, they should be distrusted immediately), it satisfies the criteria for stable-updates posted here: https://www.debian.org/News/2011/20110215 I just wanted to confirm that the SRMs would be OK pushing out new ca-certificates packages through stable-updates. Thanks, Andrew