On 2017-07-02 09:34 +0200, Pascal Hambourg wrote:
Le 01/07/2017 � 23:19, Sven Joachim a �crit :
On 2017-07-01 16:36 -0400, Perry E. Metzger wrote:
Am I correct in interpreting this:
https://security-tracker.debian.org/tracker/CVE-2017-9445
as meaning a fix to it still isn't in sid, and therefore is not
yet in the process of percolating down to stretch?
That seems to be correct.
Huh ? Do *stable* security updates have to go through sid ?
No. However, as there will be no upload by the security team, the
maintainers will have to provide an update via proposed-updates, and the
release team usually demands that the bug is fixed in unstable first.
Cheers,
Sven