[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Fwd: Re: Tomb package 2.5 > 2.6]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi SZ,

thanks for your review and thoughts

Sven

Am Samstag, den 05.10.2019, 20:43 +0800 schrieb SZ Lin (林上智):
> Hi Sven,
> 
> Sven Geuer <debmaint@g-e-u-e-r.de> 於 2019年10月4日 週五 上午3:12寫道:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA512
> > 
> > Hi Team,
> > 
> > I received a request to bring tomb 2.6 to buster (see forwarded
> > mail
> > below). I believe backports is the way to go. Do you agree?
> 
> I've skimmed the commits between 2.5 and 2.6, and many commits are
> not related to security fixes. Therefore, I think buster-backport is
> more
> suitable for this case if you want to use tomb 2.6 in Debian 10.
> 
> Moreover, if there is any specific security issue (e.g., CVE) need to
> be fixed,
> the buster-security is the way.
> 
> SZ
> 
> > @Dmitry: I'm not sure why you consider tomb 2.6 a security update.
> > Anyway, to emphasize your request I suggest you open up a whishlist
> > bug
> > against tomb.
> > 
> > Sven
> > 
> > - -------- Weitergeleitete Nachricht --------
> > Von: Dmitry Elmanov <delmanov@gmail.com>
> > An: Sven Geuer <debmaint@g-e-u-e-r.de>
> > Betreff: Re: Tomb package 2.5 > 2.6
> > Datum: Thu, 3 Oct 2019 14:11:22 +0300
> > 
> > > Dear Sven
> > > 
> > > Tomb 2.6 safely settled in the Testing. Thank you.
> > > In my opinion, there are all signs that version 2.6
> > > is a "security update", and therefore may come to
> > > a stable branch. Is it possible? Or backports...?
> > > 
> > > Best regards,
> > > Dmitry Elmanov
> > > 
> > -----BEGIN PGP SIGNATURE-----
> > 
> > iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl2WRakACgkQrfUO2vit
> > 1YWS7g/9HoeQkkz14koe0iBfC6pqDFxgkLyFcdB4GOUF6eu3A6kHdSsfYDj4g33F
> > kUwANU2aZ3ep3plkb6bS5SmpDRt3g1Mwvd+za0rlQNyEu2lnbqOUZKEqpcRg4xl7
> > BLkbevYeDCc36WOg2GgxtaQ0+PBeVTl0k19jeQgP0CIHcwKDGt3wkjS89NAsanqn
> > IICiP3sLN3yFWtpPiK6KkUrQ0P2hCU7xDSdutKxNw0uRLzGL7iemX8vmD+SzjCDe
> > QtZaY2HW3lrMPcPjWgbmj90y4wsufuEWduKGJSl0XWXDX/vhGQLBFOJMCb2C19lV
> > kASTBzcldhxLakqeOkW4GomS2GajO1TQ//mY8P2/KIYjlIxEmt8XUxWjm3CU/F+O
> > khPrC8ZNZ6eW+kf+Xw7suKKnTirSI5MvWKtnJRklh/ufVXlEY5ALAz/enesKQ6jx
> > bMz4FwMM1amvc5qlsKOlFHMLUuDP2KxmHvcum5aZnbs0M5VLETviRKcRSrOWh9Yh
> > YkB/scyHS0CYHDgOr1umpEeV7XcQSmlOpx6/yb3m4UrVnSMeCHCZI5tjSb43NFo2
> > yb3gjduPCsXJ0/Snpyw7MXeKemtFV4RJXp20StKokAB+bjyDVkhILDLTaay/Iw5t
> > FvZPz0+s4NY8f547dRpofbjVdPbnulFlNP8Fgu2FN+oZr4b2NXM=
> > =a+4B
> > -----END PGP SIGNATURE-----
> > 
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl2aVlEACgkQrfUO2vit
1YXsVw/9FdpZ6LMpTkF04OoyvLvi5H7l/++WOKZ2+B2iwjAYmkzeGq2Yz6V7sYBy
yCZdVSl8KJ61OBdeh9g+mErfhnTh+MrOkce2P5mKG4bdNPzM9mZ+lxX6Dz6DbXl+
6RYKWPIb6BarC5DbN31ncIqwnjZts1r7WmDRobF+aTd49OMg0zk6fwSBwHbyc9Au
6vkg9/cQrjTPCLhm9b+P+2fJiNbi5DWa5EsMZfVlHrYdpP5jd9kOw4fInDUhYoLF
cfKMIvMdb2uVkkv+DPUy7BlWQ5bVjkxT8pYM4ybHuXC7v+8JME3PB0a4o/W49/yb
CgKsOGgYIg1N6mC5sWoQ1M/z0QNSOGajc45S6FFtLAvz3Rk/9kpWmkBP0bcvneED
1rOQ2BcNpXK2jyw5lP06Ja3pSOMidGEDL/PQ/gNHuS4sA0ScqOuNoPjW/ikveE2Y
bYMwQu+BnLbPgVBBjNcvUr0aS2zcfzXFY0oLbLvRTqZGbfkO+eWq16d15vU0eXHt
Q1spwH6ckzpYr5Tt8Hj1qGkHIELmINZ2vVeCqZJd+zvQ5UiHvjQcheRLfPypjdgK
7ikpvRWYkVGsw/W1ljkjJDcYpQ2zyc+Xpdl9mUkcOI4uWsHegrOrdkTfZekZmfel
6zERY6rH4Z5GexfNBDoaHLAONY0mJuQgP4hktldyL0HSmjcsyh0=
=o2KR
-----END PGP SIGNATURE-----
Reply to: