[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: squeeze update of curl?

Hi Alessandro,

2015-04-27 14:12 GMT+02:00 Alessandro Ghedini <ghedo@debian.org>:
> On ven, apr 24, 2015 at 11:26:22 +0200, Raphael Hertzog wrote:
>> Hello Alessandro,
> Hi, and sorry for the delay.
>> the Debian LTS team would like to fix the security issues which are
>> currently open in the Squeeze version of curl:
>> https://security-tracker.debian.org/tracker/CVE-2015-3143
>> https://security-tracker.debian.org/tracker/CVE-2015-3148
>> Would you like to take care of this yourself? We are still understaffed so
>> any help is always highly appreciated.
> I'd rather not. Backporting fixes to squeeze usually involves significant work,
> and I already have to handle wheezy and now jessie too (it also seems like
> someone already took care of these particular issues).

Thank you for taking care of the Debian-supported releases.

I (on behalf of the LTS team since I'm responsible for frontdesk now) take your
answer as covering all future curl security updates for releases in LTS period
thus we won't contact you for each CVE.

If you happen to change your mind please just send the LTS Team an email
stating that.


Reply to: