#1005834 src:grub2: fails to migrate to testing for too long: sitting out waiting time in unstable

Package:
src:grub2
Source:
grub2
Submitter:
Paul Gevers
Date:
2022-02-15 18:57:05 UTC
Severity:
serious
Tags:
Blocked By:
Bug Title
1001057

  5

 grub2: CVE-2022-28735 grub2: shim_lock verifier allows non-kernel files to be loaded

serious about 4 years ago

#1005834#5
Date:
2022-02-15 18:53:28 UTC
From:
To:
Dear maintainer(s),

The Release Team considers packages that are out-of-sync between testing
and unstable for more than 60 days as having a Release Critical bug in
testing [1]. Your package src:grub2 has been trying to migrate for 79
days [2]. I have waited some time after my ping to the blocking bug, but
I got no response. To raise awareness, I file the bug now.

If a package is out of sync between unstable and testing for a longer
period, this usually means that bugs in the package in testing cannot be
fixed via unstable. Additionally, blocked packages can have impact on
other packages, which makes preparing for the release more difficult.
Finally, it often exposes issues with the package and/or
its (reverse-)dependencies. We expect maintainers to fix issues that
hamper the migration of their package in a timely manner.

I have immediately closed this bug with the version in unstable, so if
that version or a later version migrates, this bug will no longer affect
testing. I have also tagged this bug to only affect sid and bookworm, so
it doesn't affect (old-)stable.

Paul

[1] https://lists.debian.org/debian-devel-announce/2020/02/msg00005.html
[2] https://qa.debian.org/excuses.php?package=grub2