[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Wheezy update of icu?

On Wed, Sep 07, 2016 at 09:10:16PM +0200, Moritz Muehlenhoff wrote:
> So, you've identified the upstream fix for CVE-2016-6293 and why does
> that not get commited to the security tracker?
> That really sucks. LTS development almost fully relies on the
> security tracker, so why don't you submit generic vulnerability information
> you come across?
I was not aware that I needed to do that.  It is not documented anywhere
in the LTS workflow [0] or in the security tracker itself [1].

Please let me know how I go about adding this to the security tracker
and I will.



[0] https://wiki.debian.org/LTS/Development
[1] https://security-tracker.debian.org/tracker/

Roberto C. Sánchez

Reply to: