Re: freeze exception -- bugzilla3 18.104.22.168-1
On Mon, Nov 22, 2010 at 10:34:11AM +0100, Raphael Bossek wrote:
> Hi Moritz,
> thank you for your support. Sorry but I missed your response.
> If 3.6.3 is not accepted for testing -- where these security
> vulnerabilities (http://bugs.debian.org/602420) are solved upstream --
> applying patches to 3.6.2 could be but in consideration. By the way,
> 22.214.171.124-2 solved some further issues with noninteractive installation
> (piuparts) and missing package dependencies; both issues exists in
> 3.6.2 series of Debian packages.
> I would prefer the 3.6.3 because it's simpler to read the CVE and
> compare the version of the package instead of reading the changelog
> for solved security vulnerabilities.
That is up to release managers to review/decide.