On Sat, Jul 09, 2016 at 10:24:47AM +0200, Guido Günther wrote: > > At Debconf we discussed that since LTS doesn't have point releases - > where minor issues can be fixed by the maintainer - we should use no-dsa > very cautiously and rather be on the safe side. > > I'd rather fix the CVE in this case rather than marking it as no-dsa. > Guido, Thanks for the information. I had not taken notice of the fact that LTS doesn't have point releases. I agree that even minor issues should receive attention. When I get some hours allocated I'll tackle bind9, unless someone else has claimed it first. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
Attachment:
signature.asc
Description: Digital signature