Hi, On Sat, 21 Apr 2018 at 08:23:55 +0200, Salvatore Bonaccorso wrote: > On Sat, Apr 21, 2018 at 02:13:54AM +0200, Guilhem Moulin wrote: >> On Fri, 20 Apr 2018 at 05:18:36 +0200, Salvatore Bonaccorso wrote: >>> Thanks for following up for stretch. First a quick comment. Please >>> always CC t...@security.debian.org on such questions for if an update >>> is wanted for DSA. This alows team members to better share the load >>> for review, release, etc ... (and it's recorded futhermore on the team >>> alias). >> >> Oops, I assumed that the Security Team received all bugs tagged >> ‘security’ so I omitted the CC on purpose… my bad. > > Unfortunately, or fortunately not (yet), getting all comunication with > Tag security set will overwhelm our mailboxes. But as an improvement > step we are planning to get initial submissions with security tag set. > Until now that happens only if someone uses reportbug to fill the > issue, adding a X-Debbugs-CC, but not if one fills wihout reportbug a > bug. Cf. #895661. Sorry, got now longer as I want. My only intention > was to quickly state that for future cases, so we might distributed > workload within the team better.
I see, thanks for the info; I'll try to remember that next time :-) >>> There is though one no-dsa issue, >>> https://security-tracker.debian.org/tracker/CVE-2018-1000071 which >>> would be good to be included. Could you backport that fix as well and >>> send a new debdiff for quick review+ack for upload? >> >> Sure, new debdiff attached. > > Looks good to me, please do upload to security-master. Done. -- Guilhem.
signature.asc
Description: PGP signature
