Re: [SRM] krb5 changelog missing CVE
* Adam D. Barratt:
> On Tue, 2012-01-03 at 20:09 +0100, Florian Weimer wrote:
>> * Sam Hartman:
>>
>> > Florian Weimer noticed that the krb5 changelog in squeeze was missing a
>> > CVE that was fixed in the patch applied.
>> > He proposes to make a new upload that corrects the changelog so that
>> > people who track security issues from the changelog will find the fix:
>>
>> Sorry, there seems to be a slight misunderstanding. The changelog was
>> indeed incorrect, but even that upload never made it to the archive.
> [...]
>> We already have packages built for (all?) 13 architectures.
>
> Based on that final comment, I assume the updates will be released via
> the security archive and there's nothing we (the release team) need to
> do right now?
No, I would like to take them from the queue and upload them directly
to the main archive.
Reply to: