On Wed, May 04, 2005 at 10:00:34PM +0200, Moritz Muehlenhoff wrote: > In gmane.linux.debian.devel.release, you wrote: > > leafnode 1.11.1.rel-1 is already in testing. :) > But it might need another update; 1.11.2 fixes a DoS vulnerability > in fetchnews with relatively minor impact. > What policy do you have for handling the outstanding fixed security > bugs (as found on newraff.debian.org/~joeyh/testing-security.html) > that haven't migrated to Sarge before the freeze? Will they be > hinted through regardless of their severity or only the RC ones? I think we should be following Joey's policy for stable-security/proposed-updates as far as non-RC security bugs are concerned. Unfortunately, I'm not sure what this is. :-) Joey, could you clarify? Thanks, -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature