On Sun, Sep 14, 2014 at 04:02:49AM -0400, Michael Gilbert wrote: > On Sun, Sep 14, 2014 at 3:47 AM, Bart Martens wrote: > > In this case I'd like to see this bug > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752277 > > fixed with the minimal changes in this package. > > https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/flashplugin-nonfree_3.2+wheezy1_amd64.changes > > > > Please let me know how I could help. > > Flash, being non-free, is entirely unsupportable from a security > perspective: that is by definition (and the historical track record > also doesn't help).
This bug is not in the player but in the Debian package. > > That said, anyone can propose a stable proposed-update, but the > gatekeeper for that is the release team rather than the security team. I meant via security.debian.org, not via stable proposed-updates. Again, see this part of the FAQ : https://www.debian.org/security/faq#contrib | If it is possible to fix the problem, and the package maintainer or someone | else provides correct updated packages, then the security team will generally | process them and release an advisory. It is possible to fix the problem, and the package maintainer has provided a correct updated package, so why is the security team not processing it and release an advisory ? If it's due to lack of time, can I help with this ? Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
