Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)

To: Chris Lamb <lamby@debian.org>
Cc: Holger Levsen <holger@layer-acht.org>, debian-lts@lists.debian.org
Subject: Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
From: Guido Günther <agx@sigxcpu.org>
Date: Sat, 22 Oct 2016 13:02:53 +0200
Message-id: <[🔎] 20161022110253.56lceh2kdknuuyi3@bogon.m.sigxcpu.org>
Mail-followup-to: Guido Günther <agx@sigxcpu.org>, Chris Lamb <lamby@debian.org>, Holger Levsen <holger@layer-acht.org>, debian-lts@lists.debian.org
In-reply-to: <[🔎] 1477045804.1964244.762977497.4B246BA3@webmail.messagingengine.com>
References: <[🔎] 20161020142641.GA2479@layer-acht.org> <[🔎] 50b91a3c-ad8e-3a48-7d8b-2104b7a2729b@debian.org> <[🔎] 20161020151530.GB6575@layer-acht.org> <[🔎] 4bbf5ea9-963f-745f-8cfd-7b152bc551b0@debian.org> <[🔎] CAK0OdpzZcEMcxSjSvVY3Wu1Rwc9zd09OvUPwvkM7T9NfjKiD7A@mail.gmail.com> <[🔎] 20161020234306.GB8418@layer-acht.org> <[🔎] 20161021093010.rl2qr6cty6lcqhyn@bogon.m.sigxcpu.org> <[🔎] 1477044864.1961791.762961753.6A20580D@webmail.messagingengine.com> <[🔎] 20161021102707.j6ff43x477sjvtzg@bogon.m.sigxcpu.org> <[🔎] 1477045804.1964244.762977497.4B246BA3@webmail.messagingengine.com>

On Fri, Oct 21, 2016 at 11:30:04AM +0100, Chris Lamb wrote:
> Guido Günther wrote:
> 
> > I'd just use bin/report-vuln ?
> 
> … one of these days I'm going to look at everything in bin/* and actually
> remember what it does :)
> 
> (Yay, for saving myself writing such a thing!)
> 
> > I'd say unstable and then "found".
> 
> How come, out of interest? AIUI the tradeoff here is that if the "found" step
> gets skipped, the BTS does not believe it is vulnerable and thus it won't get
> (correctly) kicked out of testing, etc. etc.

IIRC if we file against wheezy not all newer versions get marked as
affected (but I might be wrong) so there is a found/notfound step
involved in either case atm.

Cheers,
 -- Guido

Reply to:

Follow-Ups:
- Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
  - From: Adrian Bunk <bunk@stusta.de>

References:
- fixing in oldstable before unstable (was Re: Wheezy update of tre?)
  - From: Holger Levsen <holger@layer-acht.org>
- Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
  - From: Markus Koschany <apo@debian.org>
- Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
  - From: Holger Levsen <holger@layer-acht.org>
- Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
  - From: Markus Koschany <apo@debian.org>
- Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
  - From: Bálint Réczey <balint@balintreczey.hu>
- Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
  - From: Holger Levsen <holger@layer-acht.org>
- Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
  - From: Guido Günther <agx@sigxcpu.org>
- Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
  - From: Chris Lamb <lamby@debian.org>
- Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
  - From: Guido Günther <agx@sigxcpu.org>
- Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
  - From: Chris Lamb <lamby@debian.org>

Prev by Date: Re: Call for advice and testing of nss (and nspr) and intention to upload correction
Next by Date: Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
Previous by thread: Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
Next by thread: Re: fixing in oldstable before unstable (was Re: Wheezy update of tre?)
Index(es):
- Date
- Thread