• testing security uploads to trixie-security

    From Paul Gevers@21:1/5 to Debian Security Team on Fri Jun 6 21:30:01 2025
    Copy: [email protected] (debian-release)
    Copy: [email protected] (Debian FTP Masters)


    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Salvatore Bonaccorso@21:1/5 to All on Sat Jun 7 08:30:02 2025
    Hi
    On Fri, Jun 06, 2025 at 09:33:26PM +0000, Moritz Mühlenhoff wrote:
    > On Fri, Jun 06, 2025 at 09:20:12PM +0200, Paul Gevers wrote:
    > > Dear security team,
    > >
    > > Like last cycle [1] I'm asking you to test that the next security suite is
    > > working as intended. In our checklist [2] it's mentioned to coordinate with
    > > you an upload to trixie-security to confirm the build happens as expected.
    > > The checklist goes on to suggest a check that also a package needing signing
    > > works.
    > >
    > > During the last cycle some issues were found, one being that the archive
    > > didn't allow uploads (IIUC). Maybe it's worth checking by ftp-master ahead
    > > of time if that's the case now too (hence the CC).
    > >
    > > Paul
    > >
    > > [1] https://lists.debian.org/debian-release/2023/03/msg00072.html
    > > [2] https://wiki.debian.org/Teams/ReleaseTeam/ReleaseCheckList/TrixieCheckList
    >
    > Sure! If the dak infrastructure is ready, I can prepare a trixie-security upload
    > for the open issues in src:libcoap3.

    Alternative proposal if we want as well the testing of the signing
    service: I have a 6.12.32-1 pending next, how about uploading the
    "noop" linux/6.12.31-1 for trixie-security < 6.12.32-1 unstable/trixie
    and let all the part checking?

    Salvatore

  • From Aurelien Jarno@21:1/5 to Emilio Pozuelo Monfort on Sat Jun 14 18:20:01 2025
    Hi,

    On 2025-06-07 11:48, Emilio Pozuelo Monfort wrote:
    > On 07/06/2025 08:28, Salvatore Bonaccorso wrote:
    > > Hi
    > > On Fri, Jun 06, 2025 at 09:33:26PM +0000, Moritz Mühlenhoff wrote:
    > > > On Fri, Jun 06, 2025 at 09:20:12PM +0200, Paul Gevers wrote:
    > > > > Dear security team,
    > > > >
    > > > > Like last cycle [1] I'm asking you to test that the next security suite is
    > > > > working as intended. In our checklist [2] it's mentioned to coordinate with
    > > > > you an upload to trixie-security to confirm the build happens as expected.
    > > > > The checklist goes on to suggest a check that also a package needing signing
    > > > > works.
    > > > >
    > > > > During the last cycle some issues were found, one being that the archive
    > > > > didn't allow uploads (IIUC). Maybe it's worth checking by ftp-master ahead
    > > > > of time if that's the case now too (hence the CC).
    > > > >
    > > > > Paul
    > > > >
    > > > > [1] https://lists.debian.org/debian-release/2023/03/msg00072.html
    > > > > [2] https://wiki.debian.org/Teams/ReleaseTeam/ReleaseCheckList/TrixieCheckList
    > > >
    > > > Sure! If the dak infrastructure is ready, I can prepare a trixie-security upload
    > > > for the open issues in src:libcoap3.
    > >
    > > Alternative proposal if we want as well the testing of the signing
    > > service: I have a 6.12.32-1 pending next, how about uploading the
    > > "noop" linux/6.12.31-1 for trixie-security < 6.12.32-1 unstable/trixie
    > > and let all the part checking?
    >
    > Sounds good.

    Thanks for doing this test. It appeared that the riscv64 buildds were
    misconfigured, and while the package got built successfully, it ended up
    in the wrong upload queue, and got rejected on fasolo. This is now
    fixed, the package got reuploaded to suchon, and seems to have ended up
    in unchecked on seger.

    Regards
    Aurelien

    --
    Aurelien Jarno GPG: 4096R/1DDD8C9B [email protected] http://aurel32.net

  • From Salvatore Bonaccorso@21:1/5 to Emilio Pozuelo Monfort on Mon Jun 16 08:10:01 2025
    Hi Emili, hi Paul,

    On Sat, Jun 07, 2025 at 11:48:36AM +0200, Emilio Pozuelo Monfort wrote:
    > On 07/06/2025 08:28, Salvatore Bonaccorso wrote:
    > > Hi
    > > On Fri, Jun 06, 2025 at 09:33:26PM +0000, Moritz Mühlenhoff wrote:
    > > > On Fri, Jun 06, 2025 at 09:20:12PM +0200, Paul Gevers wrote:
    > > > > Dear security team,
    > > > >
    > > > > Like last cycle [1] I'm asking you to test that the next security suite is
    > > > > working as intended. In our checklist [2] it's mentioned to coordinate with
    > > > > you an upload to trixie-security to confirm the build happens as expected.
    > > > > The checklist goes on to suggest a check that also a package needing signing
    > > > > works.
    > > > >
    > > > > During the last cycle some issues were found, one being that the archive
    > > > > didn't allow uploads (IIUC). Maybe it's worth checking by ftp-master ahead
    > > > > of time if that's the case now too (hence the CC).
    > > > >
    > > > > Paul
    > > > >
    > > > > [1] https://lists.debian.org/debian-release/2023/03/msg00072.html
    > > > > [2] https://wiki.debian.org/Teams/ReleaseTeam/ReleaseCheckList/TrixieCheckList
    > > >
    > > > Sure! If the dak infrastructure is ready, I can prepare a trixie-security upload
    > > > for the open issues in src:libcoap3.
    > >
    > > Alternative proposal if we want as well the testing of the signing
    > > service: I have a 6.12.32-1 pending next, how about uploading the
    > > "noop" linux/6.12.31-1 for trixie-security < 6.12.32-1 unstable/trixie
    > > and let all the part checking?
    >
    > Sounds good.

    This testing has now been done and an intermediary 6.12.31-1 linux
    upload just landed in trixie-security (which should soon be
    overridden by the 6.12.32-1 one migrating to testing).

    There were some problems on the way (trixie-security not allowing
    source only uploads, a problem with the riscv64 uploads) and I would
    like to thank from the heart in particular Ansgar for his work on
    ftp-master side on dak, for preparing and fixing the missing bits.

    As well Aurelien for fixing the buildd side for riscv64 uploads for
    trixie-security.

    Regards,
    Salvatore
