Hi Florian, (args, I initially sent my mail to security-tracker and just bounced it to this list then). * Florian Weimer <firstname.lastname@example.org> [2008-06-13 11:21]: > * Nico Golde: > > * Martin Pitt <email@example.com> [2008-06-12 18:06]: > >> after many years of calling our CUPS package "cupsys" it has finally > >> be renamed to the proper upstream name "cups", including init scripts, > >> library packages, etc. This makes us compatible again with all the > >> upstream documentation out there, unbreaks the LSB printer driver > >> packages from openprinting.org, reduces confusion with users, and > >> finally makes the libraries Policy compliant (SONAME == package name). > >> Please see http://bugs.debian.org/482296 for details. > > [...] > > Any idea on how to change the tracker information according > > to that? > > The source package has been renamed. This means that cupsys should be > added to the removed-packages file at some point. Vulnerabilities > should be marked as <removed> for unstable and cupsys, and as <unfixed> > for cups (or annotated with the proper version). If I add cupsys to the removed-packages file is an additional <removed> tag in CVE/list still needed? Kind regards Nico -- Nico Golde - http://www.ngolde.de - firstname.lastname@example.org - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Description: PGP signature