Path: csiph.com!newsfeed.xs4all.nl!newsfeed7.news.xs4all.nl!3.eu.feeder.erje.net!feeder.erje.net!usenet.goja.nl.eu.org!aioe.org!bofh.it!news.nic.it!robomod From: Moritz Muehlenhoff Newsgroups: linux.debian.maint.java Subject: Re: okay to prepare 11.0.9.1+1 for Debian stable proposed updates? Date: Wed, 25 Nov 2020 18:30:02 +0100 Message-ID: References: X-Original-To: tony mancill X-Mailbox-Line: From debian-java-request@lists.debian.org Wed Nov 25 17:23:32 2020 Old-Return-Path: X-Amavis-Spam-Status: No, score=-9.3 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, LDO_WHITELIST=-5, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no X-Policyd-Weight: using cached result; rate: -4.6 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: NeoMutt/20170113 (1.7.2) X-Mailing-List: archive/latest/22550 List-ID: List-URL: List-Archive: https://lists.debian.org/msgid-search/20201125172315.pridvgnqn7roglfh@inutil.org Approved: robomod@news.nic.it Lines: 33 Organization: linux.* mail to news gateway Sender: robomod@news.nic.it X-Original-Cc: openjdk@lists.launchpad.net, debian-java@lists.debian.org X-Original-Date: Wed, 25 Nov 2020 18:23:15 +0100 X-Original-Message-ID: <20201125172315.pridvgnqn7roglfh@inutil.org> X-Original-References: <20201124230526.ayty366jt2gxf235@lark> <20201125082613.l3hfdfztpzgxfp65@inutil.org> <20201125165535.i5b6nkjmsm4nkm7j@lark> Xref: csiph.com linux.debian.maint.java:11929 On Wed, Nov 25, 2020 at 08:55:35AM -0800, tony mancill wrote: > On Wed, Nov 25, 2020 at 09:26:13AM +0100, Moritz Muehlenhoff wrote: > > On Tue, Nov 24, 2020 at 03:05:26PM -0800, tony mancill wrote: > > > Hello Matthias, Tiago, and other members of the OpenJDK team, > > > > > > Thank you for the recent uploads of 11.0.9.1 [1]. Given that it > > > addresses JDK-8250861 [2] (which is serious, although I'm unsure as to > > > whether it is DSA-worthy) and there are likely derivatives that would > > > benefit from the update, would you mind if I prepare an upload of > > > 11.0.9.1 for Debian stable? > > > > This doesn't seem like a security issue, but a generic bug affecting > > 11.0.9? > > > > If this can't wait until the next CPU in January, fixing this > > via the upcoming 10.7 point release is an option: > > https://lists.debian.org/debian-live/2020/11/msg00000.html > > https://www.debian.org/doc/manuals/developers-reference/pkgs.en.html#special-case-uploads-to-the-stable-and-oldstable-distributions > > I agree that it's a generic bug affecting 11.0.9 (albeit a serious one). > I will prepare an upload for stable-proposed-updates that will replace > yours from a few weeks ago [1]. > > Since we have stacked proposed updates, do you know whether the debdiff > for the release.debian.org bug should be against 11.0.9+11-1~deb10u1 > (current proposed update) or 11.0.8+10-1~deb10u1 (current version in > stable)? I suppose I can attach them both. Given that 11.0.9 is already published on security.debian.org for quite a while, I think submitting the 11.0.9-11.0.9.1 interdiff is enough. Cheers, Moritz