Re: [SRM] krb5 changelog missing CVE
On Tue, 2012-01-03 at 20:09 +0100, Florian Weimer wrote:
> * Sam Hartman:
>
> > Florian Weimer noticed that the krb5 changelog in squeeze was missing a
> > CVE that was fixed in the patch applied.
> > He proposes to make a new upload that corrects the changelog so that
> > people who track security issues from the changelog will find the fix:
>
> Sorry, there seems to be a slight misunderstanding. The changelog was
> indeed incorrect, but even that upload never made it to the archive.
[...]
> We already have packages built for (all?) 13 architectures.
Based on that final comment, I assume the updates will be released via
the security archive and there's nothing we (the release team) need to
do right now?
Regards,
Adam
Reply to: