DSA for lxc CVE-2015-1335 [was Re: working for wheezy-security until wheezy-lts starts]
Hi,
On Tue, Mar 01, 2016 at 08:01:20PM +0100, Moritz Muehlenhoff wrote:
> On Tue, Mar 01, 2016 at 02:08:56PM +0000, Sébastien Delafond wrote:
> > On 2016-03-01, Mike Gabriel <sunweaver@debian.org> wrote:
> > > @Security Team: Shall we (LTS contributors) handle wheezy-security
> > > updates like described below until Debian wheezy LTS comes into play?
> > >
> > > o Pick a package that has open CVE issues in wheezy, e.g. from
> > > above list
> > > o Add the package to data/dsa-needed.txt, if not already there:
>
> Don't add anything to dsa-needed.txt directly, but rather ask team@ first
> whether this actually qualifies for a DSA. Packages get only added there
> after individual assessment.
O.k. to grab lxc fixing CVE-2015-1335 to dsa-needed ?
Cheers,
-- Guido
Reply to: