[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: proftpd-dfsg upgrade (was: Re: Why are backports of Squeeze packages in etch-backports?)

On Fri, Mar 06, 2009 at 01:18:16PM +0100, Gerfried Fuchs wrote:
> * Francesco P. Lovergine <frankie@debian.org> [2009-03-06 12:02:10 CET]:
> > While on that. Current proftpd-dfsg in bpo needs upgrading for a couple security
> > issues fixed in lenny. Now, the questions:
>  Do you have some reference for that? I don't see proftpd listed in
> <http://security-tracker.debian.net/tracker/status/release/oldstable-backports>
> nor in
> <http://security-tracker.debian.net/tracker/status/release/stable-backports>?


> > * who is in charge for that? 
>  The same person that originally injected and is expected to maintain
> the package within backports, i.e. you. :)
> > * is the 1.3.1-15~bpo40+1 -> 1.3.1-17lenny2~bpo40+1 (wow!) the right
> >   upgrade to consider? Or a more strict sec-only upgrade should be considered? 
>  Yes, that is the proper upgrade to consider - you might have wanted to
> upload 1.3.1-17 before it got touched by the security team anyway,
> depending on the changes.
>  So long, and thanks for taking care of it!
> Rhonda

Well, currently 1.3.17-1 needs fixing anyway, so I would upload 
the current backported 1.3.17lenny2.

Francesco P. Lovergine

Reply to: