Re: Bug#892590: Review graphite2
Hi,
On Mon, Mar 19, 2018 at 04:43:51PM +0100, Markus Koschany wrote:
> Am 19.03.2018 um 16:23 schrieb Rene Engelhard:
> > On Sun, Mar 18, 2018 at 11:39:57AM +0530, Abhijith PA wrote:
> >> I prepared LTS security update for graphite2[1]. Debdiff is attached.
> >> All tests ran successfully. Please review.
> >
> > Why would we need one given for jessie and stretch it is clearly marked
> > as no-DSA?
> >
> > https://security-tracker.debian.org/tracker/source-package/graphite2
> >
> > I think we don't and shouldn't do this.
> >
> > Regards,
> >
> > Rene
>
> No-dsa means that the security team won't handle it but it is still a
> bug which can and should be fixed via a point update.
This will happen (as Moritz said in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892590#40) when the next
severe issue warranting a DSA comes up.
I am not going over the .-release procedure for this, I'd have uploaded
to security, though, but...
I don't think we should special-case our oldest,
soon-to-be-not-supported release.
Regards,
Rene
Reply to: