[Pkg-freeipa-devel] Bug#1033968: unblock: certmonger/0.79.17-2
Timo Aaltonen
tjaalton at debian.org
Wed Apr 5 07:54:32 BST 2023
Package: release.debian.org
Control: affects -1 + src:certmonger
X-Debbugs-Cc: certmonger at packages.debian.org
User: release.debian.org at packages.debian.org
Usertags: unblock
Severity: normal
Please unblock package certmonger.
[ Reason ]
This reverts a change in -1 that was done in order to work around the
fact that Debian doesn't use a shared /etc/pki/nssdb, and that turned
out to be unnecessary after upstream fixed the original issue and
doesn't need an nssdb anymore.
The other changes are minor, fixes a crossbuild issue and disables
support for insecure DSA keys.
There is one undocumented change which was due to a MR from salsa:
https://salsa.debian.org/freeipa-team/certmonger/-/merge_requests/3
but it just bumps a build-dep. Running 'gbp dch' was easy to miss, as I
usually include the dch entry in my commits.
[ Impact ]
Allows (free)ipa-server-install to succeed without racing to a failure,
this can be seen in the CI results using the package from experimental
(testing/unstable only has the client):
https://ci.debian.net/packages/f/freeipa/unstable/amd64/
Having a fixed package in bookworm would allow backporting
freeipa-server if need be.
[ Risks ]
Minimal, certmonger itself doesn't need the nssdb that was created in -1
so reverting it here shouldn't break any systems that have -1.
[ Checklist ]
[ ] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock certmonger/0.79.17-2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: certmonger-debdiff.diff
Type: text/x-patch
Size: 10856 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20230405/a0778f7f/attachment.bin>
More information about the Pkg-freeipa-devel
mailing list