[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#892590: Review graphite2

Hi,

On Mon, Mar 19, 2018 at 04:43:51PM +0100, Markus Koschany wrote:
> Am 19.03.2018 um 16:23 schrieb Rene Engelhard:
> > On Sun, Mar 18, 2018 at 11:39:57AM +0530, Abhijith PA wrote:
> >> I prepared LTS security update for graphite2[1]. Debdiff is attached.
> >> All tests ran successfully. Please review.
> > 
> > Why would we need one given for jessie and stretch it is clearly marked
> > as no-DSA?
> > 
> > https://security-tracker.debian.org/tracker/source-package/graphite2
> > 
> > I think we don't and shouldn't do this.
> > 
> > Regards,
> > 
> > Rene
> 
> No-dsa means that the security team won't handle it but it is still a
> bug which can and should be fixed via a point update.

This will happen (as Moritz said in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892590#40) when the next
severe issue warranting a DSA comes up.

I am not going over the .-release procedure for this, I'd have uploaded
to security, though, but...

I don't think we should special-case our oldest,
soon-to-be-not-supported release.

Regards,

Rene
Reply to: