[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Should bind9 be marked no-dla?

On Sat, Jul 09, 2016 at 10:24:47AM +0200, Guido Günther wrote:
> At Debconf we discussed that since LTS doesn't have point releases -
> where minor issues can be fixed by the maintainer - we should use no-dsa
> very cautiously and rather be on the safe side.
> I'd rather fix the CVE in this case rather than marking it as no-dsa.

Thanks for the information.  I had not taken notice of the fact that LTS
doesn't have point releases.  I agree that even minor issues should
receive attention.  When I get some hours allocated I'll tackle bind9,
unless someone else has claimed it first.



Roberto C. Sánchez

Attachment: signature.asc
Description: Digital signature

Reply to: