Bug#873758: stretch-pu: package memcached/1.4.33-1
On Tue, 2017-09-12 at 22:52 +0200, Guillaume Delacour wrote:
> Le 30/08/2017 à 21:58, Adam D. Barratt a écrit :
> > Control: tags -1 + confirmed
> >
> > On Wed, 2017-08-30 at 21:33 +0200, gui@iroqwa.org wrote:
> > > The attached patch fix CVE-2017-9951 which has been not fixed via
> > > a DSA,
> > > as discussed with Salvatore Bonaccorso: https://bugs.debian.org/8
> > > 68701.
> >
> > +memcached (1.4.33-1+deb9u1) stretch; urgency=high
> > +
> > + * Non-maintainer upload by the Security Team.
> >
> > So far as I can tell, you're not a member of the Security Team, so
> > this
> > is incorrect.
>
> Sure, please find attached the fixed debdiff, as i'm not a member of
> the
> security team. I've also changed the distribution from stretch to
> stretch-security.
Why? "stretch-security" is an appropriate distribution to use for
uploads to the security archive, in which case you should be talking to
the Security Team, not us. Assuming you're still proposing an update
via proposed-updates and a point release, "stretch" was correct.
Regards,
Adam
Reply to: