Bug#910398: stretch-pu: package gnupg2/2.1.18-8~deb9u3

To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, 910398@bugs.debian.org
Cc: team@security.debian.org
Subject: Bug#910398: stretch-pu: package gnupg2/2.1.18-8~deb9u3
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 20 Oct 2018 10:43:31 +0100
Message-id: <[🔎] 1540028611.3141.38.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 910398@bugs.debian.org
In-reply-to: <[🔎] 877eiw1045.fsf@fifthhorseman.net>
References: <[🔎] 877eiw1045.fsf@fifthhorseman.net> <[🔎] 877eiw1045.fsf@fifthhorseman.net>

On Fri, 2018-10-05 at 17:48 -0500, Daniel Kahn Gillmor wrote:
> I'd like to update the version of GnuPG in debian stable with a
> series of targeted bugfixes (most of which are backported from
> upstream).
[...]
> I note that this is *not* itself a security fix -- these fixes do not
> address a specific vulnerability in stretch's version of GnuPG.
> However, they do have security implications for stretch, because they
> are needed in order to support enigmail since the thunderbird 60
> upgrade.
> 
> If the release team or the security team (x-debbug-cc'ed here) would
> prefer that we handle this via stretch-security instead of
> stretch-proposed-updates, that's fine with me: please let me know.

Any chance of an explicit opinion from the Security Team here? [CCed]

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#910398: stretch-pu: package gnupg2/2.1.18-8~deb9u3
  - From: Moritz Mühlenhoff <jmm@inutil.org>

References:
- Bug#910398: stretch-pu: package gnupg2/2.1.18-8~deb9u3
  - From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Prev by Date: Bug#910396: stretch-pu: package libgd2/2.2.4-2+deb9u3
Next by Date: Bug#911186: stretch-pu: package clamav/0.100.1+dfsg-0+deb9u1
Previous by thread: Re: stretch-pu: package gnupg2/2.1.18-8~deb9u3
Next by thread: Bug#910398: stretch-pu: package gnupg2/2.1.18-8~deb9u3
Index(es):
- Date
- Thread