On Sat, 2015-04-18 at 16:09 -0400, David Prévot wrote: [...] > The said period now started (yet I can’t find any definition of what > that means exactly), and the three security issues affecting owncloud, > having their targeted fixes available in Sid, still affect the version > in Jessie. > > Adding the security team in the loop for advice: what is the way to move > forward now? (Will the pending unblock requests be processed and I > shouldn’t worry, will the issues warrant a DSA and should I prepare it, > should we rather make a pu request, something else?)
The unblock has semi-automagically (via a device named a jmw) been converted to a p-u request, but I'd still appreciate the security team's input on this. None of CVE-2015-301[123] currently have "no-dsa" markers on the security tracker so it's quite possible that a DSA would be appropriate. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
