Re: Wheezy update of openafs?
On Sat, Dec 03, 2016 at 12:22:38PM +0100, Guido Günther wrote:
> Hello dear maintainer(s),
>
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of openafs:
> https://security-tracker.debian.org/tracker/CVE-2016-9772
Have you determined whether the regular Debian Security Team is interested
in addressing these issues in jessie? Though carnil@ requested the
CVE number assignment, I do not see a debian bug for the issue and have
not (yet?) been in contact with the security team about it. It seems like
it would be rather strange for a fix to go into wheezy but not jessie....
> Would you like to take care of this yourself?
>
> If yes, please follow the workflow we have defined here:
> https://wiki.debian.org/LTS/Development
>
> If that workflow is a burden to you, feel free to just prepare an
> updated source package and send it to debian-lts@lists.debian.org
> (via a debdiff, or with an URL pointing to the source package,
> or even with a pointer to your packaging repository), and the members
> of the LTS team will take care of the rest. Indicate clearly whether you
> have tested the updated package or not.
>
> If you don't want to take care of this update, it's not a problem, we
> will do our best with your package. Just let us know whether you would
> like to review and/or test the updated package before it gets released.
I will see if I can find time to prepare an update, though I think there are
a few things at higher priority on my Debian todo list at the moment.
If someone from the LTS team does get to it before I do, I'm happy to look
at the debdiff and provide another sanity check.
-Ben
Reply to: