[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Review squeeze-lts exactimage/0.8.1-3+deb6u4

Hi Sven,

On Tue, 26 May 2015, Sven Eckelmann wrote:
> I'd like to upload the attached patch to squeeze-lts to fix #786785
> (CVE-2015-3885). The security team marked this one as no-dsa (therefore also
> no DLA).

Actually, it's the LTS team who marked it that way, but we follow the
decision of the security team in most cases.

But if you prepare an update nevertheless, you will have to release a DLA.

> Sorry for not completely following the steps from the wiki page [2]. The
> access for secure-testing was granted but the commit rights/groups are
> not yet synced).

Looks like you managed to add yourself in dla-needed.txt in the mean time.

> I was also not able to find a lot of similar review requests
> (as example for my own) but still want some feedback before trying my first
> upload to squeeze-lts. Sorry when this review request is not in the correct
> format.

You request is perfect (even though you are not required to make any
request if you are the package maintainer).

In any case, I reviewed your debdiff and it looks good. Feel free to
proceed with the upload and the release of the DLA to

If you need sponsorship, please let us know.

Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

Reply to: