Control: tags -1 + moreinfo On 2017-05-18 8:38, Markus Wanner wrote:
as per Salvatore Bonaccorso, the current security fix for flightgear doesn't warrant a DSA on its own (see below). Is it okay to upload to 'stable'?
So far as I can tell, having looked at the BTS and Security Tracker, and the description of the CVE, this issue also affects the flightgear package in unstable and is not yet fixed there. Assuming that's correct, please ensure that unstable is fixed first and then come back to us; if it's not correct, please get the metadata fixed.
A debdiff against the current version in stable-sec (3.0.0-5+deb8u1) isattached. Please note that stable itself is still at 3.0.0-5 and doesn'toffer the first (and related) security fix.
Indeed, because the main archive rejected the upload before it made it as far as the p-u-new queue. I don't remember why and it was suffficiently long ago that the data files are no longer publicly available in order to check.
Regards, Adam