[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Drop support for libqb?

Am 13.11.19 um 05:28 schrieb Roberto C. Sánchez:
> On Tue, Nov 12, 2019 at 06:53:19PM +0100, Markus Koschany wrote:
>> Hi,
>> Am 12.11.19 um 18:11 schrieb Roberto C. Sánchez:
>> [...]
>>> With that in mind, does this seem like a package for which we should
>>> declare the end of support?
>> That sounds reasonable to me.
> Is it as simple as updating the debian-security-support package?  Do we
> customarily send out a DLA when a package is dropped from support?

We usually mark affected CVE as <end-of-life> in data/CVE/list and just
add the package to security-support-ended.deb8 in
debian-security-support. We then upload new versions of the package
periodically and announce it via DLA. I believe now is a good time to do it.



Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: