Your message dated Wed, 3 Dec 2014 18:34:36 +0000
with message-id <20141203183436.ga5...@lupin.home.powdarrmonkey.net>
and subject line Re: Bug#768010: future mongodb unblock
has caused the Debian Bug report #768010,
regarding unblock: mongodb/1:2.4.10-4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
768010: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768010
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Hi,
Upstream released MongoDB 2.6.0 too late for Jessie and started to
work for 2.8.0. Then I was blind to see they backport important fixes
for the 2.4.x tree. The 2.4.11 [1] and 2.4.12 [2] changelogs are
available, as well the upcoming 2.4.13 [3].
I suspect it's too late to let them enter Jessie, but I'd be happy to
package them if allowed. At least I ask permission to use the security
fix[4] and disabling of the SSLv3 ciphers[5]. Which path may I take?
I should emphasize that the fixes included went through the 2.5
development cycle and part of the current stable, 2.6 release tree.
The fixes backport done and tested by upstream itself.
I've already packaged 2.4.12 for Sid and all I had to change is to
adjust a small patch to apply clean without fuzz. I'll backport the
SSLv3 disable patch from 2.4.13 soon to the package.
Thanks for consideration,
Laszlo/GCS
[1] https://jira.mongodb.org/browse/SERVER/fixforversion/13795
[2] https://jira.mongodb.org/browse/SERVER/fixforversion/14288
[3] https://jira.mongodb.org/browse/SERVER/fixforversion/14488
[4] https://jira.mongodb.org/browse/SERVER-14268
[5] https://jira.mongodb.org/browse/SERVER-15673
--- End Message ---
--- Begin Message ---
On Sat, Nov 29, 2014 at 11:25:40AM +0100, László Böszörményi wrote:
> On Sat, Nov 8, 2014 at 12:06 PM, Jonathan Wiltshire <j...@debian.org> wrote:
> > On Tue, Nov 04, 2014 at 07:30:09AM +0100, Laszlo Boszormenyi (GCS) wrote:
> >> At least I ask permission to use the security
> >> fix[4] and disabling of the SSLv3 ciphers[5]. Which path may I take?
> [...]
> >> I'll backport the
> >> SSLv3 disable patch from 2.4.13 soon to the package.
> >
> > Assuming the diffs are sane, I'll accept the security fix and the SSLv3
> > ciphers through sid please.
> OK, I've uploaded it a day ago. I attach the diff again.
Unblocked.
--
Jonathan Wiltshire j...@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
signature.asc
Description: Digital signature
--- End Message ---
