Re: [DSA 1629-1] Etch postfix packages older than base (was Re: New postfix packages fix privilege escalation)

To: Ewen McNeill <ewen@naos.co.nz>
Cc: debian-security@lists.debian.org
Subject: Re: [DSA 1629-1] Etch postfix packages older than base (was Re: New postfix packages fix privilege escalation)
From: Thijs Kinkhorst <thijs@debian.org>
Date: Tue, 19 Aug 2008 11:09:29 +0200
Message-id: <[🔎] 200808191109.31932.thijs@debian.org>
In-reply-to: <[🔎] 20080819000717.81B0F112962@wat.la.naos.co.nz>
References: <[🔎] 20080819000717.81B0F112962@wat.la.naos.co.nz>

On Tuesday 19 August 2008 02:07, Ewen McNeill wrote:
> It appears that this security patched package actually has an older
> version number than the one in Debian Etch base.

Yes, this was an oversight, perhaps because the Postfix maintainer doesn't use 
i386 and therefore missed the binNMU. All other archs are fine though.

> Would it be possible to rerelease this fix for Debian Etch with a
> higher package version number?  Either 2.3.8-3etch1 or 2.3.8-2+b1etch1
> or similar would seem to do.

This has just been done as 2.3.8-2+etch1.

Thijs

Attachment: pgpdY49B5TanP.pgp
Description: PGP signature

Reply to:

References:
- [DSA 1629-1] Etch postfix packages older than base (was Re: New postfix packages fix privilege escalation)
  - From: Ewen McNeill <ewen@naos.co.nz>

Prev by Date: Re: [DSA 1629-1] Etch postfix packages older than base
Next by Date: Re: Vacation messages (was: Re: [SECURITY] [DSA 1629-1] New postfix packages fix privilege escalation)
Previous by thread: Re: [DSA 1629-1] Etch postfix packages older than base
Next by thread: What to do about SSH brute force attempts?
Index(es):
- Date
- Thread