On Fri, 2019-11-15 at 16:22 +0000, Adam D. Barratt wrote: > On 2019-11-15 16:04, Luca Boccassi wrote: > > On Fri, 2019-11-15 at 15:00 +0000, Adam D. Barratt wrote: > > > On 2019-11-15 14:26, Luca Boccassi wrote: > > > > This release has only one bug fix, which fixes a regression > > > > introduced > > > > by the fix for CVE-2019-14818 released on Tuesday via stretch- > > > > security. > > > > > > I assume that's not a sufficiently important regression that it > > > needs > > > fixing via -security? The next stretch point release is probably > > > not > > > for > > > a couple of months. > > > > > > Regards, > > > > > > Adam > > > > Hi, > > > > It breaks some important functionality, but it does not introduce a > > new > > security issues. Does the security process allow a new -security > > upload > > in this case? > > That's up to the Security Team. I'd suggest asking them and seeing > what > they think. > > Regards, > > Adam Hi, The security team is OK with another DSA if it's a critical breakage. I talked with the co-maintainer and we decided that it's uncommon enough that we'll go through -pu unless someone raises a bug, and only then consider an additional DSA. We'd like the latest release in -pu regardless, so it should be independent of this request. Thanks! -- Kind regards, Luca Boccassi
Attachment:
signature.asc
Description: This is a digitally signed message part