On Fri, Aug 21, 2009 at 11:02:33PM +0200, Moritz Muehlenhoff wrote: > Mike Hommey wrote: > > > > New upstream versions are normal for this kind of stuff in > > > unstable/testing, so i thought it was not noteworthy. > > > > > > Is the security team following that road? > > > > The security team is backporting the fixes. > > I've been looking into the changes for the last two hours > and I think I'll have to revert to building an update based > on a 3.12.4 snapshot. > > The changes are massive and very subtle to backport, so I'm > afraid I might miss something seemimgly harmless, yet crucial. > I'll give it some more beating, haven't made up my mind yet.
If you go for a new upstream release, you should go for 3.12.3 or 3.12.3.1, i think. At least, they have upstream tarballs and contain the fixes. Mike -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
