On Wed, May 17, 2017 at 10:02:29AM +0000, Holger Levsen wrote: > On Wed, May 17, 2017 at 09:57:55AM +0200, Wolfgang Schweer wrote: > > I just looked it up: Wheezy is affected by the CVE fix as well (exim4 > > 4.80-7+deb7u4, wheezy-security) but noone reported problems… > > Then I dont think we should bother fixing it in wheezy… Agreed. I've put instructions how to fix it on the Wheezy status page. > > Yes. And IMO we should ship a NEWS file containing information about the > > changes and how to cope with them. I believe we should do this each time > > d-e-c is upgraded for STABLE and OLDSTABLE. > > hm, besides that there's no guarantee that a NEWS file will be seen or read, > it also poses the additional difficultiy of having the NEWS file in (old)stable > but not in sid/testing… ok, then let's skip this. Wolfgang
Attachment:
signature.asc
Description: PGP signature