Re: Wheezy update of icu?
On Wed, Sep 07, 2016 at 09:10:16PM +0200, Moritz Muehlenhoff wrote:
>
> So, you've identified the upstream fix for CVE-2016-6293 and why does
> that not get commited to the security tracker?
>
> That really sucks. LTS development almost fully relies on the
> security tracker, so why don't you submit generic vulnerability information
> you come across?
>
I was not aware that I needed to do that. It is not documented anywhere
in the LTS workflow [0] or in the security tracker itself [1].
Please let me know how I go about adding this to the security tracker
and I will.
Regards,
-Roberto
[0] https://wiki.debian.org/LTS/Development
[1] https://security-tracker.debian.org/tracker/
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
Reply to: