[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Wheezy update of firefox-esr?


2016-09-20 23:43 GMT+02:00 Chris Lamb <lamby@debian.org>:
> Hello dear maintainer(s),
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of firefox-esr:
> https://security-tracker.debian.org/tracker/source-package/firefox-esr
> Would you like to take care of this yourself?
> If yes, please follow the workflow we have defined here:
> https://wiki.debian.org/LTS/Development
> If that workflow is a burden to you, feel free to just prepare an
> updated source package and send it to debian-lts@lists.debian.org
> (via a debdiff, or with an URL pointing to the source package,
> or even with a pointer to your packaging repository), and the members
> of the LTS team will take care of the rest. Indicate clearly whether you
> have tested the updated package or not.
> If you don't want to take care of this update, it's not a problem, we
> will do our best with your package. Just let us know whether you would
> like to review and/or test the updated package before it gets released.
> You can also opt-out from receiving future similar emails in your
> answer and then the LTS Team will take care of firefox-esr updates
> for the LTS releases. (In case we don't get any answer for months,
> we may also take it as an opt-out, too.)

I think Mike would like the LTS Team to prepare the future updates:

On Thu, Aug 04, 2016 at 06:32:14PM +0900, Mike Hommey wrote:
> On Thu, Aug 04, 2016 at 11:04:47AM +0200, Markus Koschany wrote:
> > Hello Mike,
> >
> > Thank you for preparing the security update of firefox-esr. I have just
> > sent a security announcement for your update in Wheezy to the
> > debian-lts-announce mailing list. If you want to take care of this next
> > time, please follow our guidelines which we have outlined at [1]. If
> > this is a burden for you, no problem, we will do our best and take care
> > of the rest. In this case we would like to ask you to send a short
> > reminder to debian-lts, so that we can prepare the announcement in a
> > timely manner.
> Heh, I hadn't realized that wasn't handled by standard DSAs, sorry about
> that. That these updates go through the same security-master doesn't
> help making it obvious they are different.
> Anyways, I'd rather not have more work to do, so if can send
> announcements, that works for me. Or you can deal with the backport
> from back to back.

I have added firefox-esr to lts-do-not-call and started preparing the update.


Reply to: