Bug#768509: debian-edu-config: After upgrading a Wheezy main-server to Debian 7.7 the Gosa gui fails to connect to LDAP

David Prévot taffit at debian.org
Tue Nov 18 02:28:07 UTC 2014 

[ Adding php maintainers, security team and release team to the loop. ]

Hi,

Le 09/11/2014 17:45, Wolfgang Schweer a écrit :

[ About a severe issue that recently popped up. ]

> Seems to be that the update from php version 5.4.4 to 5.4.34 (new 
> upstream release) caused the problem.

I can confirm being hit by this issue, and downgrading from 5.4.34
recently introduced by DSA 3064-1 to 5.4.4 still in stable allowed to
workaround this problem (thanks by the way for the various
investigations and workarounds provided in this bug reports).

That makes me wonder, that even if we’ve been warned in the DSA that the
new version “includes additional bug fixes, new features and possibly
incompatible changes.”, simply “refer[ing] to the upstream
changelog for more information” sounds a bit like closing eyes in the
hope nothing will break.

Maybe this upgrade will allow us to spot and fix a severe issue in gosa
this time, but changing the way to handle (security) updates during the
lifetime of a stable release may not be the best way to keep it stable.

I do understand that safely backporting (security) patches may be hard
sometime, but that’s part of what (used to) make the quality and
robustness reputation of Debian, and it would be nice to only use such
upgrade to new (minor) version as a last resort only. Potentially
breaking user scripts on security updates is bad, but risking to break
package distributed in stable sounds even worse.

Regards

David

P.-S.: hopefully, the increase in DEP-8 adoption and structures like
ci.d.n and jenkins.d.n will allow us to spot similar issues in stable
sooner in a not too distant future.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/debian-edu-pkg-team/attachments/20141117/8ca80b13/attachment.sig>

More information about the Debian-edu-pkg-team mailing list