Bug#970745: buster-pu: package pdns_4.1.6-3+deb10u1
Control: tags -1 + confirmed
On Tue, 2020-09-22 at 22:22 +0200, Chris Hofstaedtler wrote:
> Fixes for low-severity issues CVE-2019-10203 and CVE-2020-17482.
> Both using upstream patches for the 4.1 branch.
Please go ahead.
> Maybe it should be pointed out in the stable update notes that
> manual action is needed to remedy CVE-2019-10203 for existing
> installations using postgres. "Manual schema update required for
> PostgreSQL"?
We could, but I'm not sure how many people actually read the fine print
of the announcement mails, particularly in sections that they expect to
be boilerplate.
I was wondering if it was worth a d/NEWS entry, although that would
obviously be potentially annoying if it ends up being shown to users
who don't have the relevant binary package installd.
Regards,
Adam
Reply to: