On Thu, Nov 14, 2019 at 01:51:46PM -0500, Roberto C. Sánchez wrote: > > I had not yet seen this message so I already submitted a MR. Should I > > close that and make a direct commit? I believe you did this now, but in any case: yes, please. > - Any feedback on this proposed DLA text? a.) very cool! > Package : debian-security-support > Version : 2019.11.15~deb8u1 > > > debian-security-support, the Debian security support coverage checker, > has been updated in jessie. > > This marks the end of life of the libqb package in jessie. A recently > reported vulnerability against libqb which allows users to overwrite > arbitrary files via a symlink attack cannot be adequately addressed in > libqb in jessie. Upstream no longer supports this version and no > packages in jessie depend upon libqb, thus making it a leaf package. b.) I would drop the 'thus making it a leaf package.' half-sentence and it conveys no relevant information. & thanks again for taking care of the d-s-s upload! -- cheers, Holger ------------------------------------------------------------------------------- holger@(debian|reproducible-builds|layer-acht).org PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C
Attachment:
signature.asc
Description: PGP signature