[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Fixing minor/unimportant issues via DLA on demand

Hi Sylvain,

On Fri, Mar 20, 2020 at 5:33 PM Sylvain Beucler <beuc@beuc.net> wrote:
> These are 2 cases (request from Jessie user or from maintainer) that I
> yet to see :)
> Do you have a specific case in mind?

I do. But I am not very sure if I should mention the user thingy
publicly or not.
Anyway, the other case (where the maintainer wants to fix) is phpmyadmin.
Of course, he being the upstream and downstream maintainer, wanted to
fix this in Jessie.
And I am happy to help in such cases, because why not?
Just curious, if such a case happens, should I/we issue a DLA or not?

> More generally:
> - minor: when marked no-dsa or postponed (no-dsa substate), usually
> those are usually fixed later in batch, or along with a normal/major
> security flaw, to avoid too many security updates (whose impact is not
> neutral for users)
> - unimportant: those are more rare and usually not fixed at all, because
> they are not supposed to impact security in the context of our Debian
> package

Ack, thank you! :)


Best,
Utkarsh
Reply to: