Re: Should bind9 be marked no-dla?

To: debian-lts@lists.debian.org
Subject: Re: Should bind9 be marked no-dla?
From: Roberto C. Sánchez <roberto@connexer.com>
Date: Sat, 9 Jul 2016 08:10:19 -0400
Message-id: <[🔎] 20160709121018.GK6391@connexer.com>
Mail-followup-to: debian-lts@lists.debian.org
In-reply-to: <[🔎] 20160709082447.GA3161@bogon.m.sigxcpu.org>
References: <[🔎] 20160709033922.GJ6391@connexer.com> <[🔎] 20160709082447.GA3161@bogon.m.sigxcpu.org>

On Sat, Jul 09, 2016 at 10:24:47AM +0200, Guido Günther wrote:
> 
> At Debconf we discussed that since LTS doesn't have point releases -
> where minor issues can be fixed by the maintainer - we should use no-dsa
> very cautiously and rather be on the safe side.
> 
> I'd rather fix the CVE in this case rather than marking it as no-dsa.
> 
Guido,

Thanks for the information.  I had not taken notice of the fact that LTS
doesn't have point releases.  I agree that even minor issues should
receive attention.  When I get some hours allocated I'll tackle bind9,
unless someone else has claimed it first.

Regards,

-Roberto

-- 
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Should bind9 be marked no-dla?
  - From: Roberto C. Sánchez <roberto@connexer.com>
- Re: Should bind9 be marked no-dla?
  - From: Guido Günther <agx@sigxcpu.org>

Prev by Date: Re: Should bind9 be marked no-dla?
Next by Date: Re: RFH: fixing some squid2 remaining open bugs. (was: Should we give security support for squid when wheezy also has squid3?)
Previous by thread: Re: Should bind9 be marked no-dla?
Next by thread: Re: [SECURITY] [DLA 546-1] clamav version update
Index(es):
- Date
- Thread