Re: [SECURITY] [DSA 1523-1] New ikiwiki packages fix cross-site scripting
* Ronny Adsetts:
> My understanding is that the security team don't generally provide
> updates for unstable. The DSA simply notes the unstable version in
> which the security hole was fixed.
Exactly, I looked at our records (and the ikiwiki homepage), and listed
the version that was reported there.
ikiwiki is a native packge (no "-" in the version number), and we took
too much time to process the update even though it was available (sorry
about that), that's why there appears to be a large discrepancy between
the reported version number and the current version in sid. However,
this must have already happened in the past, when the security impact of
a change was discovered only afterwards.
Reply to: