LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Packaging and patching

Packaging and patching

Posted Aug 27, 2009 23:16 UTC (Thu) by branden (subscriber, #7029)
In reply to: Packaging and patching by dgm
Parent article: On properly packaging perl

Your citation of the Debian OpenSSL fiasco is a bullshit example.

As was widely reported at the time, Debian's package maintainer *did* take
the patch to the documented upstream development list. Communications
took place, but went awry, with each side not completely understanding the
other. Ben Laurie later waded in to cluck that distributors suck, and
that the patch should have been sent to the list that all the cool OpenSSL
upstream kids read. (The existence of said list was a well-kept secret
from the general public until the bug in question blew up in Debian's
face.)

There was lots of fail in the Debian OpenSSL situation, but failure to run
a patch by the upstream developers was not a component of it.

(Log in to post comments)

Packaging and patching

Posted Aug 28, 2009 0:12 UTC (Fri) by rlk (guest, #47505) [Link]

That was my recollection about what happened; thank you for correcting the details.

In the Gutenprint example, nobody ever attempted to contact us (we have a development mailing list that's noted on our web site that's open subscription), even to notify us that they were making the change in question. We were left to find out about it from complaints from unhappy users.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds