[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SRM] krb5 changelog missing CVE

>>>>> "Florian" == Florian Weimer <fw@deneb.enyo.de> writes:

    Florian> * Adam D. Barratt:
    >> On Tue, 2012-01-03 at 20:09 +0100, Florian Weimer wrote:
    >>> * Sam Hartman:
    >>> 
    >>> > Florian Weimer noticed that the krb5 changelog in squeeze was
    >>> missing a > CVE that was fixed in the patch applied.  > He
    >>> proposes to make a new upload that corrects the changelog so
    >>> that > people who track security issues from the changelog will
    >>> find the fix:
    >>> 
    >>> Sorry, there seems to be a slight misunderstanding.  The
    >>> changelog was indeed incorrect, but even that upload never made
    >>> it to the archive.
    >> [...]
    >>> We already have packages built for (all?) 13 architectures.
    >> 
    >> Based on that final comment, I assume the updates will be
    >> released via the security archive and there's nothing we (the
    >> release team) need to do right now?

    Florian> No, I would like to take them from the queue and upload
    Florian> them directly to the main archive.

Ah, right. I'm sorry about my confusion.
Reply to: