Bug#1089596: openjpeg2: Please package upstream version 2.5.2
Santiago Ruano Rincón
santiagorr at riseup.net
Mon Dec 9 15:48:39 GMT 2024
Source: openjpeg2
Severity: important
User: debian-lts at lists.debian.org
Usertags: upstream-trixie
X-Debbugs-Cc: debian-lts at lists.debian.org
Dear openjpeg2 maintainer(s),
Testing (trixie) currently ships openjpeg2 2.5.0. Upstream released
2.5.2 on Februray 28th 2024, and they are considering doing a 2.5.3
release soon:
https://groups.google.com/g/openjpeg/c/FKRHVlvWVDU/m/6A-SROGUAwAJ.
While I am not aware of any release schedule and EOL policy for
openjpeg2, I would say that the more recent release can be included in
trixie, the better. And the easier would be to provide security updates
to the users during the trixie life cycle. It is worth noting that
upstream has already fixed these two (minor) security issues:
https://security-tracker.debian.org/tracker/CVE-2019-6988
https://security-tracker.debian.org/tracker/CVE-2021-3575.
If you need or want help packaging this more recent upstream version,
please don't hesitate to speak up. Someone from the LTS team, may be
interested in contributing (CC'ing debian-lts).
Best regards,
-- Santiago, for the LTS Team.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-phototools-devel/attachments/20241209/cabb5fc4/attachment.sig>
More information about the Pkg-phototools-devel
mailing list