Control: tags -1 + moreinfo
On 2017-05-18 8:38, Markus Wanner wrote:
as per Salvatore Bonaccorso, the current security fix for flightgear
doesn't warrant a DSA on its own (see below). Is it okay to upload to
'stable'?
So far as I can tell, having looked at the BTS and Security Tracker, and
the description of the CVE, this issue also affects the flightgear
package in unstable and is not yet fixed there. Assuming that's correct,
please ensure that unstable is fixed first and then come back to us; if
it's not correct, please get the metadata fixed.
A debdiff against the current version in stable-sec (3.0.0-5+deb8u1) is
attached. Please note that stable itself is still at 3.0.0-5 and
doesn't
offer the first (and related) security fix.
Indeed, because the main archive rejected the upload before it made it
as far as the p-u-new queue. I don't remember why and it was
suffficiently long ago that the data files are no longer publicly
available in order to check.
Regards,
Adam
