Path: csiph.com!eternal-september.org!feeder.eternal-september.org!aioe.org!bofh.it!news.nic.it!robomod From: Markus Koschany Newsgroups: linux.debian.maint.java Subject: Re: Unsupported packages for Wheezy LTS Date: Thu, 19 Nov 2015 23:00:02 +0100 Message-ID: References: X-Original-To: =?UTF-8?Q?Moritz_M=c3=bchlenhoff?= , debian-lts@lists.debian.org X-Mailbox-Line: From debian-java-request@lists.debian.org Thu Nov 19 21:54:14 2015 Old-Return-Path: X-Amavis-Spam-Status: No, score=-12.7 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, LDO_WHITELIST=-5, PGPSIGNATURE=-5, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no X-Policyd-Weight: using cached result; rate: -6.1 X-Enigmail-Draft-Status: N1110 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.3.0 MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="jsvhfErJfQHTXHGUe9SAqTpxBjcPddMtC" X-Sa-Exim-Scanned: No (on richard.fcube.de); SAEximRunCond expanded to false X-Mailing-List: archive/latest/18894 List-ID: List-URL: List-Archive: https://lists.debian.org/msgid-search/564E44F7.7000509@gambaru.de Approved: robomod@news.nic.it Lines: 78 Organization: linux.* mail to news gateway Sender: robomod@news.nic.it X-Original-Cc: team@security.debian.org, "debian-java@lists.debian.org" X-Original-Date: Thu, 19 Nov 2015 22:53:59 +0100 X-Original-Message-ID: <564E44F7.7000509@gambaru.de> X-Original-References: <20150819110259.GA8358@pisco.westfalen.local> <20151119204535.GC6654@pisco.westfalen.local> Xref: csiph.com linux.debian.maint.java:8575 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --jsvhfErJfQHTXHGUe9SAqTpxBjcPddMtC Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Am 19.11.2015 um 21:45 schrieb Moritz M=C3=BChlenhoff: [...] > Another package which needs to be sorted out is the support for > Java. wheezy has both openjdk-6 and openjdk-7 (jessie has only > -7 and stretch will also only have one version). >=20 > Currently the maintenance heavily relies on the gruntwork done > by Matthias Klose (and recently indirectly Tiago St=EF=BF=BDrmer Daitx)= : > The unstable releases are backported. >=20 > It needs to be sorted with them out how long these openjdk-6 > uploads will be available in experimental (and how long upstream > support in icedtea will happen). Otherwise it might make more > sense to only support openjdk-7 in Debian LTS. Some rdeps in > wheezy will not allow that, but I think most people use openjdk > to run external java apps and not the Java apps packaged in > Debian (with maybe Tomcat as the exception). >=20 Hi, I believe Debian Java is more than just OpenJDK and Tomcat and it is rather discouraging to read that "most people use openjdk to run external java apps and not the Java apps packaged in Debian". The Debian Java team alone maintains about 900 source packages and according to popcon there are several packages besides Tomcat with a significant user base. I suggest to keep the Java team involved when it comes to security support in LTS releases, so that we can help to identify important packages and sort things out. There are some Java packages which have no security implications at all (API packages) and others that deserve more attention and where we gladly accept help from the (LTS-) security team. I think I am not the only one who is interested in improving the security support for Java packages but we should really discuss this together. For what it's worth security support for OpenJDK 6 can be dropped at some time during Wheezy LTS. It is sensible to advise users to switch to OpenJDK 7 then. Most packages should continue to work because they were compiled against version 5 anyway. Regards, Markus --jsvhfErJfQHTXHGUe9SAqTpxBjcPddMtC Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJWTkT4XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1Hk+VwQALodfpd8+bUQXUBVWDdo7va/ dmXPNf922qYGi6Nw1LCKnD94n+g6NwjROSdZAI0O61mYcySr5jHJsPyt7Tcin7ci hVvZgzOyikD1JNhww2IeJ5NWVzTmYImCt+biH9QgcSsnfzJz19zqcIyn8GHFwI/d 8KsBjnre58W0Jt1WogMdcpXldoL+aV3fqTbtwsIt/4pdxDxQrldwNQWz3CWb7yNj hjxiHILfhjzpNkvf5bKfOXQ0raOs70blGTnjCxEMuBTFSWNyIP/dMrDXCNIX6yk2 bbbyOFqDiLOHTgdZw03punIpBeF2ydNXik5i0D6wjDu0ODKHes1KgoT0tIZ+9/bx o2akPuaiA3hRWg6WUSTHEcCYyKYgOU9UwAhRP7SsfJ4oALio+VeSt2PYa2yJGPMq BKjeH1hZsDzYEOlJ0wo0aDb417FIqwtj4ahwiLXfr0kJok9oslDq99WZScJ1DNxl NBG2dW/UCnUWspiTGQIqeRJOyOP22m/FKhlitRLph+NH7M9mmTLYzPDtSA+VXTFA Y05n7JzMxPNMjaR9SvwOKQI8OFuMiWAdVm5GIVNaHlOyMjJbg058cpjiZumqtclW 3a5f7rNJ3SfsP8/IImHGnBcLUCqNq/HdmsV68ZI2gVBmE7tQ4CZgyTYfdLPlTrAM A42V+qA7Yiiph7IeLBL4 =5nOC -----END PGP SIGNATURE----- --jsvhfErJfQHTXHGUe9SAqTpxBjcPddMtC--