On Thu, Nov 03, 2005 at 04:58:17PM -0500, Joey Hess wrote: > enigmail > 17 days old > blocked by mozilla and mozilla-thunderbird > mozilla > 23 days old > vorlon is forcing it, hope that works > mozilla-thunderbird > 23 days old > vorlon is forcing it, hope that works All in today. > mozilla-firefox > 40 days old > 2 RC code bugs > 1 RC cpyright bug > At least 7 fixed security bugs, with at least 3 involving remote > code execution. Overriding the RC bugs, as none of them appear to be regressions. May require some more locale removals, just like the mozilla hint did... > uim > scheduled for removal Has reverse deps, though, so it's not going anywhere at the moment. Frank, thoughts on this? > uw-imap > 21 days old > RC bug #334512 is avoided by upgrading to libssl 0.9.8a-3. > Package needs an upload with a dependency on that version to > close the bug. > BTW, the security hole is remote code execution. No reupload is needed, really, since this was a transient bug in a dependency. The bug has been closed now, so uw-imap should get in with the next run. > PS: The current number of untransitioned security fixes is lower than it > has been at any point in the past year. > PPS: But testing/unstable also have well over 100 unfixed security bugs.. Heh. Would it be worth posting summaries of the unfixed RC security bugs somewhere from time to time, to try to get more people involved with NMUing them? Or are most of these not RC security bugs at this point? -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. vorlon@debian.org http://www.debian.org/
Attachment:
signature.asc
Description: Digital signature