openjdk team mailing list archive

[tony mancill <tmancill@xxxxxxxxxx>]

On Wed, Nov 25, 2020 at 09:26:13AM +0100, Moritz Muehlenhoff wrote:
> On Tue, Nov 24, 2020 at 03:05:26PM -0800, tony mancill wrote:
> > Hello Matthias, Tiago, and other members of the OpenJDK team,
> > 
> > Thank you for the recent uploads of 11.0.9.1 [1].  Given that it
> > addresses JDK-8250861 [2] (which is serious, although I'm unsure as to
> > whether it is DSA-worthy) and there are likely derivatives that would
> > benefit from the update, would you mind if I prepare an upload of
> > 11.0.9.1 for Debian stable?
> 
> This doesn't seem like a security issue, but a generic bug affecting
> 11.0.9?
> 
> If this can't wait until the next CPU in January, fixing this
> via the upcoming 10.7 point release is an option:
> https://lists.debian.org/debian-live/2020/11/msg00000.html
> https://www.debian.org/doc/manuals/developers-reference/pkgs.en.html#special-case-uploads-to-the-stable-and-oldstable-distributions

I agree that it's a generic bug affecting 11.0.9 (albeit a serious one).
I will prepare an upload for stable-proposed-updates that will replace
yours from a few weeks ago [1].

Since we have stacked proposed updates, do you know whether the debdiff
for the release.debian.org bug should be against 11.0.9+11-1~deb10u1
(current proposed update) or 11.0.8+10-1~deb10u1 (current version in
stable)?  I suppose I can attach them both.

Thank you both for the responses,
tony

[1] https://tracker.debian.org/news/1188653/accepted-openjdk-11-110911-1deb10u1-source-amd64-all-into-proposed-updates-stable-new-proposed-updates/

Attachment: signature.asc
Description: PGP signature