Hi, On Thu, May 11, 2017 at 11:49:37AM +0200, Rhonda D'Vine wrote: > Hi, > > * Aron Xu <aron@debian.org> [2017-05-11 11:25:22 CEST]: > > On Wed, May 10, 2017 at 9:09 AM, Jonathan Nieder <jrnieder@gmail.com> wrote: > > > https://lists.debian.org/debian-backports-changes/2017/02/msg00149.html > > > added git to jessie-backports. Please update it to include the fix to > > > CVE-2017-8386. > > > > I'm sorry for the inconvenience, and I'll follow up on the update once > > new version hits testing, :-) > > There is no need to delay security related updates with the transition > phase. This was always clearly communicated by the backports team. :) Does a BSA number need to be assigned? https://backports.debian.org/Contribute/ Also, at what point should the Backports Team step in with a team upload to correct a security fault? Git-1:2.11.0-3 is now in testing. Cheers, Nicholas
Attachment:
signature.asc
Description: Digital signature