[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: final report on all woody DSAs and sarge

On Fri, Sep 03, 2004 at 07:58:48AM +0200, Martin Schulze wrote:

> Steve Langasek wrote:
> > pavuk 0.9pl28-3 includes the fix for DSA-527, but there is another
> >  security bug affecting this package (same bug #).  Hinting this for
> >  removal from sarge.
> Not in stable.

Yes it is; it's in stable/non-US (hence the DSA).

> > rlpr - hinting for removal.
> That won't help since it is in stable as well, so people upgrading
> from stable without security.debian.org will still have that package
> installed.

It will be marked as obsolete, though.  We cannot support packages forever
just because they were in the stable release; supporting the release which
contained them is enough.

> > slocate - hinting for removal.
> Won't help, the package comes from stable as well.
> Noah, could you see to apply the required security patch and
> prepare an NMU?

I filed the patch in the BTS a long time ago; should be trivial.

 - mdz

Reply to: