[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [pkg-lighttpd] Bug#474951: Is a fix for etch planned?

On Tue, Apr 15, 2008 at 08:39:03AM +0200, Pierre Habouzit wrote:
>   Dear security team, you broke lighttpd badly with your last upload,
> because you use a broken patch to fix the last CVE on it. Please update
> the patch, using e.g. the one in the unstable version instead.  You've
> broken lighttpd for almost 10 days, it's quite unacceptable to have a
> lighttpd in _stable_ in that state.
>   Dear SRM team: would an upload to s-p-u be accepted if the security
> team still doesn't react ?

As the current lighttpd distributed through security is utterly broken
if you have SSL activated, of course I would accept an update through
s-p-u.  But I would be deeply disappointed about this is handled, too.

Kind regards,
Philipp Kern
 .''`.  Philipp Kern                             Debian Developer
: :' :  http://philkern.de                       Debian Release Assistant
`. `'   xmpp:phil@0x539.de
  `-    finger pkern/key@db.debian.org

Attachment: signature.asc
Description: Digital signature

Reply to: