Hi Ferenc,
On Fri, Aug 03, 2018 at 11:59:08AM +0200, Ferenc Wágner wrote:
> The proposed source debdiff for stretch-security:
>
> I tested the resulting package, it fixed the bug and didn't cause any
> breakage for me.
Ok, sounds good.
> There is a header file change affecting inline function bodies, but
> according to codesearch.debian.net those functions aren't used outside
> of xml-security-c, so there's no need to rebuild anything in the archive
> after this update. The DSA should probably include a corresponding
> warning, though.
>
> Dear Security Team, please let me know how to proceed. (Do you need the
> Cc, or was the security tag enough to get you in the loop?)
We definitely need a CC, we don't have a good mechanism to monitor bug
changes tagged security (and quite frankly there's lot of broken uses
of the security tag).
Please build with -sa (as the tarball is new in stretch-security) and
upload to security-master.
> And jessie is handled by the LTS team now, isn't it?
It is.
Cheers,
Moritz
