Hello, I see that a [NMU] has just been done in unstable for wpa, in order to fix the vulnerabilities covered by DSA-3999-1. [NMU]: <https://tracker.debian.org/news/879583> Unfortunately wpa has three open RC bugs which appear to have incorrect BTS version tracking info. I [tried] to explain the situation and get confirmation about my guess, but I haven't received any reply yet. [tried]: <https://bugs.debian.org/849122#65> I am worried that apt-listbugs users (running Debian unstable or testing) may have wpa pinned to a vulnerable version because of those three RC bugs and won't get the security fixes, until the situation is clarified. What should I do, in your opinion? Should I just trust my intuition and fix the version tracking info of those three RC bugs, as said in my message? Or otherwise, who could I contact in order to get confirmation for my guess? Thanks for you time and for any help you may provide. -- http://www.inventati.org/frx/ There's not a second to spare! To the laboratory! ..................................................... Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE
Attachment:
pgpxI2Y1OTSUH.pgp
Description: PGP signature