Re: ikiwiki / CVE-2019-9187

To: "Brian May" <brian@linuxpenguins.xyz>, debian-lts@lists.debian.org
Subject: Re: ikiwiki / CVE-2019-9187
From: "Chris Lamb" <lamby@debian.org>
Date: Thu, 07 Mar 2019 17:19:34 -0500
Message-id: <[🔎] 86df568f-1402-4043-a79c-4fddc7051416@www.fastmail.com>
In-reply-to: <[🔎] 877eda30br.fsf@silverfish.pri>
References: <[🔎] 877eda30br.fsf@silverfish.pri>

Hi Brian,

It appears you generated your debdiff "backwards" - just in case this
is part of larger problem, could you re-post it? Thanks.

> I wasn't sure what version number to use. Previous jessie-security
> releases use the convention of "3.20141016.x" so was wondering if I
> should be using "3.20141016.5". At the moment have used
> "3.20141016.4+deb8u1" instead.

Good call. I believe the +debXuY to be more suitable for a jessie-
security update over .x as the intention, context and origin of the
update are immediately inferanble from the version number alone.


Best wishes,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org 🍥 chris-lamb.co.uk
       `-

Reply to:

Follow-Ups:
- Re: ikiwiki / CVE-2019-9187
  - From: Brian May <bam@debian.org>

References:
- ikiwiki / CVE-2019-9187
  - From: Brian May <brian@linuxpenguins.xyz>

Prev by Date: rdflib / CVE-2019-7653
Next by Date: Re: rdflib / CVE-2019-7653
Previous by thread: ikiwiki / CVE-2019-9187
Next by thread: Re: ikiwiki / CVE-2019-9187
Index(es):
- Date
- Thread