Control: forcemerge 1041248 -1 On Fri, Sep 08, 2023 at 02:23:11PM +0200, Matthias Geiger wrote: > Package: keepassxc > Version: 2.7.4+dfsg.1-2 > Severity: wishlist > X-Debbugs-Cc: werdah...@riseup.net > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Hi Julian, > > please consider updating keepassxc to the latest upstream version > (2.7.6). The version in debian is now almost a year (!) old compared to > the latest one (Oct 22 vs. Aug 23). > > Something as sensible as a password manager should always be > the latest version imho, if possible. If you are busy atm I can prepare > a MR in salsa. Let me know if you want to work together on this.
Unfortunately a password manager is quite sensitive, so it requires at least a cursory security review for each update. This means that we effectively need to find a couple days where I'm not working to undertake that arduous task, which is how we end up with a yearly feature update over the end of/new year break. Outside of the yearly feature update I will CVEs and release critical bugs by applying a targeted patch if possible. I hope you have a good day and try to look for existing bugs next time before reporting a duplicate. -- debian developer - deb.li/jak | jak-linux.org - free software dev ubuntu core developer i speak de, en
signature.asc
Description: PGP signature
