[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1523-1] New ikiwiki packages fix cross-site scripting

Hi,

On Tue, Mar 18, 2008 at 03:03:00PM +0000, Ronny Adsetts wrote:
> >The question is, why the security team releases 2.31.1 as security
> >update while 2.40 is the current version and not only since a few
> >days.
> 
> My understanding is that the security team don't generally provide updates 
> for unstable. The DSA simply notes the unstable version in which the 
> security hole was fixed.

Ah, ok, so the announced it's not necessarily the package version
which is released by the security team close to the DSA but perhaps a
version which was in Sid before, but is no more up-to-date when the
DSA is being released.

Thanks for clarification!

		Regards, Axel
-- 
Axel Beckert - abe@deuxchevaux.org, abe@noone.org - http://noone.org/abe/
Reply to: