Hi firmware-nonfree maintainers
I have a question from an LTS perspective about the possible security updates we have for the firmware-nonfree package.
You can find them here:
I can see that all the related CVEs are marked as no-dsa for buster, simply because there is no security support for the non-free section. This rule also applies to LTS but with the exception of the firmware-nonfree package.
My questions to you are the following:
1) Do you think any of the listed CVEs are important enough to warrant an upload to buster and/or stretch?
2) Do you plan to do this for buster?
3) Would you mind if some LTS developer does such an upload for buster?
Having a later version in oldstable (compared to stable) is not a good practice so if any of them are important we should update both oldstable and stable.
Thank you in advance,
// Ola
--
--- Inguza Technology AB --- MSc in Information Technology ----
---------------------------------------------------------------