[Kolab-devel] Erlang security update breaks guam on Debian 10
Lennart
lennart at ackermans.ch
Mon Jul 17 18:44:54 CEST 2023
Update: the major upgrade was intentional.
https://lists.debian.org/debian-lts/2023/07/msg00028.html
I think rebuilding guam based on the Debian security version of Erlang
is the most responsible choice. Even if something like this happens
again in the future it might be better that things break than that we
keep security vulnerabilities.
Best,
Lennart
On 17-07-2023 15:36, Lennart Ackermans wrote:
>
>
>
> On 2023-07-17 07:12, Christian Mollekopf wrote:
>
>>
>> I'd rather have it bundled than wake up to our packages no longer
>> starting because the upstream erts package changed, so for unbundling
>> we need to figure which erts version to pin first IMO.
>>
> Major updates like this recent erlang security update normally don't
> happen on stable Debian releases. The erlang package maintainer thinks
> this was probably a mistake by the Debian LTS team (email
> communication). If it is, it might be reverted. If it was intentional,
> that's a strange decision and probably not something that will be
> repeated. To be sure I asked on the Debian LTS mailing list. Should
> appear here: https://lists.debian.org/debian-lts/2023/07/threads.html.
> Best,
> Lennart
>
> _______________________________________________
> devel mailing list
> devel at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kolab.org/pipermail/devel/attachments/20230717/1e81e950/attachment.html>
More information about the devel
mailing list