Bug#959014: RFS: filezilla/3.39.0-2+deb10u1 [NMU, RC] -- Full-featured graphical FTP/FTPS/SFTP client
On Tue, Apr 28, 2020 at 03:54:42AM +0100, Phil Wyett wrote:
> * Package name : filezilla
> Version : 3.39.0-2+deb10u1
> https://mentors.debian.net/debian/pool/main/f/filezilla/filezilla_3.39.0-2+deb10u1.dsc
>
> Changes since the last upload:
>
> * Non-maintainer upload
> * Added: 02_untrusted_search_path.patch - CVE-2019-5429. (Closes: #928282)
> Note: Package requires sponsor for stable updates upload.
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947102
Hi!
You got approval for a stable update, yet the upload is targetted at
buster-security. That path is outside the purview of Release Team nor
any kind of sponsored uploads.
There are two ways to update stable:
* buster-security: done by the Security Team, usually prepared in secret,
typically discussed with the maintainer but uploaded by members of the
Security Team. This is for urgent security issues.
* buster (internally buster-proposed-updates, but the changelog entry says
"buster"): done by a regular maintainer/NMUer, possibly sponsored, after
an approval of the [Stable] Release Team.
Thus, unless you go through -security instead, could you please change the
changelog entry to target "buster" nor "buster-security"?
Meow!
--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ in the beginning was the boot and root floppies and they were good.
⢿⡄⠘⠷⠚⠋⠀ -- <willmore> on #linux-sunxi
⠈⠳⣄⠀⠀⠀⠀
Reply to: