Re: [SRM] krb5 changelog missing CVE

To: Florian Weimer <fw@deneb.enyo.de>
Cc: Sam Hartman <hartmans@debian.org>, debian-release@lists.debian.org
Subject: Re: [SRM] krb5 changelog missing CVE
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Tue, 03 Jan 2012 20:10:01 +0000
Message-id: <[🔎] 1325621401.19606.4.camel@jacala.jungle.funky-badger.org>
In-reply-to: <[🔎] 87obuk4n7l.fsf@mid.deneb.enyo.de>
References: <[🔎] tslobukr54q.fsf@mit.edu> <[🔎] 87obuk4n7l.fsf@mid.deneb.enyo.de>

On Tue, 2012-01-03 at 20:09 +0100, Florian Weimer wrote:
> * Sam Hartman:
> 
> > Florian Weimer noticed that the krb5 changelog in squeeze was missing a
> > CVE that was fixed in the patch applied.
> > He proposes to make a new upload that corrects the changelog so that
> > people who track security issues from the changelog will find the fix:
> 
> Sorry, there seems to be a slight misunderstanding.  The changelog was
> indeed incorrect, but even that upload never made it to the archive.
[...]
> We already have packages built for (all?) 13 architectures.

Based on that final comment, I assume the updates will be released via
the security archive and there's nothing we (the release team) need to
do right now?

Regards,

Adam

Reply to:

Follow-Ups:
- Re: [SRM] krb5 changelog missing CVE
  - From: Florian Weimer <fw@deneb.enyo.de>

References:
- [SRM] krb5 changelog missing CVE
  - From: Sam Hartman <hartmans@debian.org>
- Re: [SRM] krb5 changelog missing CVE
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: Re: Inadequate source of entropy in recursive queries: maradns
Next by Date: Re: Bug#622919: Raise severity?
Previous by thread: Re: [SRM] krb5 changelog missing CVE
Next by thread: Re: [SRM] krb5 changelog missing CVE
Index(es):
- Date
- Thread