The info in this thread could be the starting point for this page:

See also:

What are binNMUs?

A binNMU is a binary-only non-maintainer upload. This is necessary when the build for a specific architecture failed, or produced buggy packages, due to a problem in the build environment itself (not due to an error in the package source). Such problems include library transitions ([ example]) or a misconfiguration on the package maintainer's machine used for preparing uploads ([ example]). In a binNMU, the arch: any packages are rebuilt, but the arch: all packages are not.

Each of the arch: any packages receives a new version number which is the old version number with the suffix +b appended plus a version number for the binNMU (e.g. version 2.3.4-3 will become 2.3.4-3+b1). The binNMU version is incremented independently on each architecture ([ example]). The only file in the source package which is modified by the binNMU is debian/changelog, which gets a new entry for the new version. (Historically, binNMU version numbers were created by bumping (or creating, if it did not already exist) the third-level number in the Debian revision, for instance 2.3.4-3 would instead have become 2.3.4-3.0.1. This numbering convention is no longer used.)

Where to request a binNMU?

To request a binNMU ask for it on the [ debian-release mailing list].

If you want to be kind to the RMs, you could use the following format in your e-mail, for each (package, binNMU tuple number):

[package]_[source-version], [reason], [binNMU number], [list of archs]

for instance:

package_0.1-1, Rebuild against newer libc6 fixes #123456, 1, i386 amd64 s390

However, if you do not know the exact binNMU number (and you're too lazy to look it up using rmadison), just ask the regular way and someone else will construct the proper line for you.

Note that bugs can't be closed in the reason of binNMUs, so please close the bugs that are fixed by a binNMU manually.

How to make packages binNMU safe?

Executive summary

Note: The versioned Build-Depends on dpkg-dev (>= 1.13.19) is not needed anymore, since Etch, Lenny and Sid all have the necessary version.


For example, sometimes a package refers to the version of the source package in package relationship definitions. Consider a source package that still uses the deprecated ${Source-Version} variable:

 Source: foo
 Package: foo-bin
 Depends: foo-common (= ${Source-Version})
 Architecture: any
 Package: foo-common
 Architecture: all

The first upload creates the following versions:

Now, suppose the foo-bin package is binNMU uploaded for an architecture. The ${Source-Version} variable is retrieved from debian/changelog, so after the binNMU the archive will contain the following versions:

The foo-common package needs no new upload, because it was properly created before! However, there is no version 1.0-1+b1 of foo-common, so the dependencies are now broken, and foo-bin is uninstallable on the architecture where foo was binNMU'ed.

The solution is to use ${source:Version} instead of ${Source-Version}. This variable is also retrieved from the latest entry in the changelog, but any +b suffix is discarded. So, the following packages are created:

What are binNMUs have happened?

List of transitional NMU's done by release(?) team: