Re: proftpd-dfsg upgrade (was: Re: Why are backports of Squeeze packages in etch-backports?)
On Fri, Mar 06, 2009 at 01:18:16PM +0100, Gerfried Fuchs wrote:
> * Francesco P. Lovergine <firstname.lastname@example.org> [2009-03-06 12:02:10 CET]:
> > While on that. Current proftpd-dfsg in bpo needs upgrading for a couple security
> > issues fixed in lenny. Now, the questions:
> Do you have some reference for that? I don't see proftpd listed in
> nor in
> > * who is in charge for that?
> The same person that originally injected and is expected to maintain
> the package within backports, i.e. you. :)
> > * is the 1.3.1-15~bpo40+1 -> 1.3.1-17lenny2~bpo40+1 (wow!) the right
> > upgrade to consider? Or a more strict sec-only upgrade should be considered?
> Yes, that is the proper upgrade to consider - you might have wanted to
> upload 1.3.1-17 before it got touched by the security team anyway,
> depending on the changes.
> So long, and thanks for taking care of it!
Well, currently 1.3.17-1 needs fixing anyway, so I would upload
the current backported 1.3.17lenny2.
Francesco P. Lovergine